CRITICAL🇵🇱 Wersja polska

CVE-2015-4166

CVSS 9.8v3.0pub. 2017-03-23upd. 2026-05-13

Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Cloudera Key Trustee Server

    APP
    Cloudera
    ≤ 5.4.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-30132CRITICAL9.8ten sam vendor

Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.

CVE-2018-11215CRITICAL9.8ten sam vendor

Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unsp...

CVE-2018-20091CRITICAL9.9ten sam vendor

An SQL injection vulnerability was found in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. This w...

CVE-2025-3884HIGH7.5ten sam vendor

Cloudera Hue Ace Editor Directory Traversal Information Disclosure Vulnerability. This vulnerability allows re...

CVE-2020-26936HIGH8.8ten sam vendor

Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack.