Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key.
oryginał ENCVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCloudera Key Trustee Server
APPCloudera≤ 5.4.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2021-30132CRITICAL9.8ten sam vendor
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.
CVE-2018-11215CRITICAL9.8ten sam vendor
Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unsp...
CVE-2018-20091CRITICAL9.9ten sam vendor
An SQL injection vulnerability was found in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. This w...
CVE-2025-3884HIGH7.5ten sam vendor
Cloudera Hue Ace Editor Directory Traversal Information Disclosure Vulnerability. This vulnerability allows re...
CVE-2020-26936HIGH8.8ten sam vendor
Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack.