CVE-2018-20090
- EPSS 0.32%
- Published 26.11.2019 16:15:11
- Last modified 21.11.2024 04:00:51
An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder.
CVE-2018-11215
- EPSS 3.06%
- Published 03.07.2019 16:15:09
- Last modified 21.11.2024 03:42:55
Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors.
CVE-2018-15665
- EPSS 0.35%
- Published 21.06.2019 15:15:09
- Last modified 21.11.2024 03:51:14
An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.2.x through 1.4.0. Unauthenticated users can get a list of user accounts.
CVE-2018-20091
- EPSS 0.87%
- Published 07.06.2019 16:29:00
- Last modified 21.11.2024 04:00:51
An SQL injection vulnerability was found in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information,...
CVE-2017-15536
- EPSS 0.3%
- Published 05.02.2018 03:29:00
- Last modified 21.11.2024 03:14:44
An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0. Several web application vulnerabilities allow malicious authenticated users of CDSW to escalate privileges in CDSW. CDSW users can exploit these vulnerabilities in co...