Summary
Cloudera Manager is prone to an information-disclosure vulnerability.
Impact
Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.
Solution
Udate Cloudera Manager to version 4.8.3/5.0.1 or later.
Insight
Cloudera Manager allows remote authenticated users to obtain sensitive configuration information via the API.
Affected
Cloudera Manager prior to 4.8.3 and 5.0.0 are vulnerable.
Detection
Check the version
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-0220 -
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:P/I:N/A:N
Related Vulnerabilities