IDCVSSSummaryLast (major) updatePublished
CVE-2016-4948 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Cloudera Manager 5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Template Name field when renaming a template; (2) KDC Server host, (3) Kerberos Security
09-03-2017 - 02:59 07-03-2017 - 16:59
CVE-2016-4950 5.0
Cloudera Manager 5.5 and earlier allows remote attackers to enumerate user sessions via a request to /api/v11/users/sessions.
09-03-2017 - 02:59 07-03-2017 - 16:59
CVE-2016-4949 5.0
Cloudera Manager 5.5 and earlier allows remote attackers to obtain sensitive information via a (1) stderr.log or (2) stdout.log value in the filename parameter to /cmf/process/<process_id>/logs.
09-03-2017 - 02:59 07-03-2017 - 16:59
Back to Top Mark selected
Back to Top