icon

We found results for “

WS-2018-0635

Good to know:

icon

Date: February 16, 2018

In “Cloudera/Hue”, v2.0.0 to v4.2.0, cdh4.0.0 to cdh5.14.0 and cdh4-base-2.0.0 to cdh4-base-2.5.0 are vulnerable as a result of an exposed LDAP password (returned as ‘args’).

Language: Python

Severity Score

Severity Score

Weakness Type (CWE)

Insufficiently Protected Credentials

CWE-522

Top Fix

icon

Upgrade Version

Upgrade to version release-4.3.0, cdh5.14.2-release

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): NONE

Do you need more information?

Contact Us