Remote Code Execution Vulnerability in Cloudera Data Science Workbench
CVE-2018-11215

9.8CRITICAL

Key Information:

Vendor: Cloudera
Status: Data Science Workbench
Vendor: CVE Published:; 3 July 2019

What is CVE-2018-11215?

A vulnerability in Cloudera Data Science Workbench allows for remote code execution due to unspecified attack vectors. Affected installations of version 1.3.0 and older may be at risk, highlighting the need for immediate updates and security precautions. Users should consult official Cloudera documentation for recommended actions and apply any available patches.

References

https://www.cloudera.com/documentation/other/security-bul...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 3, 2019
Vulnerability Reserved
May 16, 2018