Cloudera Manager before 4.8.3 and 5.x before 5.0.1 allows remote authenticated users to obtain sensitive configuration information via the API.
2014-06-10T14:55:09.273
2025-04-12T10:46:40.837
Deferred
CVSSv2: 4.0 (MEDIUM)
AV:N/AC:L/Au:S/C:P/I:N/A:N
8.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | cloudera | cloudera_manager | ≤ 4.8.2 | Yes |
| Application | cloudera | cloudera_manager | 4.0.1 | Yes |
| Application | cloudera | cloudera_manager | 4.0.2 | Yes |
| Application | cloudera | cloudera_manager | 4.0.3 | Yes |
| Application | cloudera | cloudera_manager | 4.1 | Yes |
| Application | cloudera | cloudera_manager | 4.1.1 | Yes |
| Application | cloudera | cloudera_manager | 4.1.2 | Yes |
| Application | cloudera | cloudera_manager | 4.1.3 | Yes |
| Application | cloudera | cloudera_manager | 4.1.4 | Yes |
| Application | cloudera | cloudera_manager | 4.5.0 | Yes |
| Application | cloudera | cloudera_manager | 4.5.1 | Yes |
| Application | cloudera | cloudera_manager | 4.5.2 | Yes |
| Application | cloudera | cloudera_manager | 4.5.3 | Yes |
| Application | cloudera | cloudera_manager | 4.5.4 | Yes |
| Application | cloudera | cloudera_manager | 4.6.0 | Yes |
| Application | cloudera | cloudera_manager | 4.6.1 | Yes |
| Application | cloudera | cloudera_manager | 4.6.2 | Yes |
| Application | cloudera | cloudera_manager | 4.6.3 | Yes |
| Application | cloudera | cloudera_manager | 4.7.2 | Yes |
| Application | cloudera | cloudera_manager | 4.8.1 | Yes |
| Application | cloudera | cloudera_manager | 5.0.0 | Yes |