An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser privileges.
2019-11-26T16:15:14.057
2024-11-21T04:48:00.303
Modified
CVSSv3.1: 8.3 (HIGH)
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.0
6.4
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | cloudera | cdh | 6.0.0 | Yes |
Application | cloudera | cdh | 6.0.1 | Yes |
Application | cloudera | cdh | 6.1.0 | Yes |