Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCloudera Key Trustee Server
APPCloudera≤ 5.4.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2021-30132CRITICAL9.8ten sam vendor
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.
CVE-2018-11215CRITICAL9.8ten sam vendor
Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unsp...
CVE-2018-20091CRITICAL9.9ten sam vendor
An SQL injection vulnerability was found in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. This w...
CVE-2025-3884HIGH7.5ten sam vendor
Cloudera Hue Ace Editor Directory Traversal Information Disclosure Vulnerability. This vulnerability allows re...
CVE-2020-26936HIGH8.8ten sam vendor
Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack.