Описание
Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15.1 and 6.x through 6.0.1.
Ссылки
- Vendor Advisory
- https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#hadoopVendor Advisory
- Vendor Advisory
- https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#hadoopVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.0.0 (включая) до 5.14.0 (включая)
Одно из
cpe:2.3:a:cloudera:cdh:*:*:*:*:*:*:*:*
cpe:2.3:a:cloudera:cdh:5.15.0:*:*:*:*:*:*:*
cpe:2.3:a:cloudera:cdh:5.15.1:*:*:*:*:*:*:*
cpe:2.3:a:cloudera:cdh:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:cloudera:cdh:6.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00282
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-276
Связанные уязвимости
CVSS3: 7.2
github
больше 3 лет назад
Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15.1 and 6.x through 6.0.1.
EPSS
Процентиль: 51%
0.00282
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-276