HomePentest-Tools.com Logo

Cloudera Manager Multiple Vulnerabilities CVE-2016-4948CVE-2016-4949CVE-2016-4950

Severity
CVSSv3 Score
7.5
Vulnerability description

Cloudera Manager is prone to multiple vulnerabilities.

Risk description

Cloudera Manager is prone to multiple vulnerabilities: - Multiple cross-site scripting (XSS) vulnerabilities (CVE-2016-4948) - Obtain sensitive information via a stderr.log or stdout.log (CVE-2016-4949) - Enumeration of user sessions via a request to /api/v11/users/sessions (CVE-2016-4950)

Recommendation

Update to 5.5.1 or newer versions.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 7, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available