CVE-2018-10815

EUVD-2018-2884
An issue was discovered in Cloudera Manager before 5.13.4, 5.14.x before 5.14.4, and 5.15.x before 5.15.1. A read-only user can access sensitive cluster information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
Affected Products (NVD)
VendorProductVersion
clouderacloudera_manager
𝑥
< 5.13.4
clouderacloudera_manager
5.14.0 ≤
𝑥
< 5.14.4
clouderacloudera_manager
5.15.0 ≤
𝑥
< 5.15.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.cloudera.com/
https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html
https://www.cloudera.com/
https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html