CRITICAL🇬🇧 English

CVE-2015-4166

CVSS 9.8v3.0pub. 2017-03-23upd. 2026-05-13

Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Cloudera Key Trustee Server

    APP
    Cloudera
    ≤ 5.4.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2021-30132CRITICAL9.8ten sam vendor

Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.

CVE-2018-11215CRITICAL9.8ten sam vendor

Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unsp...

CVE-2018-20091CRITICAL9.9ten sam vendor

An SQL injection vulnerability was found in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. This w...

CVE-2025-3884HIGH7.5ten sam vendor

Cloudera Hue Ace Editor Directory Traversal Information Disclosure Vulnerability. This vulnerability allows re...

CVE-2020-26936HIGH8.8ten sam vendor

Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack.