Information Disclosure Vulnerability in Cloudera Manager by Cloudera
CVE-2014-0220

Currently unrated

Key Information:

Vendor: Cloudera
Status: Cloudera Manager
Vendor: CVE Published:; 10 June 2014

What is CVE-2014-0220?

Cloudera Manager versions prior to 5.0.1 and 4.8.3 are susceptible to an information disclosure vulnerability. This flaw allows remote authenticated users to access sensitive configuration data through the API, which may lead to unauthorized exposure of critical information and potential exploitation. Organizations utilizing these versions of Cloudera Manager should consider upgrading to mitigate the risks associated with this exposure.

References

http://www.securityfocus.com/archive/1/532312/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.cloudera.com/content/cloudera-content/cloudera...

x_refsource_CONFIRM

http://packetstormsecurity.com/files/126956/Cloudera-Mana...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 10, 2014
Vulnerability Reserved
Dec 3, 2013

JSON