4
CVE-2014-0220
- EPSS 1.85%
- Veröffentlicht 10.06.2014 14:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Cloudera Manager before 4.8.3 and 5.x before 5.0.1 allows remote authenticated users to obtain sensitive configuration information via the API.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cloudera ≫ Cloudera Manager Version <= 4.8.2
Cloudera ≫ Cloudera Manager Version4.0.1
Cloudera ≫ Cloudera Manager Version4.0.2
Cloudera ≫ Cloudera Manager Version4.0.3
Cloudera ≫ Cloudera Manager Version4.1
Cloudera ≫ Cloudera Manager Version4.1.1
Cloudera ≫ Cloudera Manager Version4.1.2
Cloudera ≫ Cloudera Manager Version4.1.3
Cloudera ≫ Cloudera Manager Version4.1.4
Cloudera ≫ Cloudera Manager Version4.5.0
Cloudera ≫ Cloudera Manager Version4.5.1
Cloudera ≫ Cloudera Manager Version4.5.2
Cloudera ≫ Cloudera Manager Version4.5.3
Cloudera ≫ Cloudera Manager Version4.5.4
Cloudera ≫ Cloudera Manager Version4.6.0
Cloudera ≫ Cloudera Manager Version4.6.1
Cloudera ≫ Cloudera Manager Version4.6.2
Cloudera ≫ Cloudera Manager Version4.6.3
Cloudera ≫ Cloudera Manager Version4.7.2
Cloudera ≫ Cloudera Manager Version4.8.1
Cloudera ≫ Cloudera Manager Version5.0.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.85% | 0.763 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
http://packetstormsecurity.com/files/126956/Cloudera-Manager-4.8.2-5.0.0-Information-Disclosure.html
http://www.cloudera.com/content/cloudera-content/cloudera-docs/SecurityBulletins/Security-Bulletin/csb_topic_2.html
http://www.securityfocus.com/archive/1/532312/100/0/threaded
http://www.securityfocus.com/bid/67912