Vulnerability CVE-2018-20091


Published: 2019-06-07

Description:
An SQL injection vulnerability was found in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information, encrypted CDSW passwords (in the case of local authentication), API keys, and stored Kerberos keytabs.

Type:

CWE-89

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

Vendor: Cloudera
Product: Data science workbench 
Version:
1.4.2
1.4.1
1.4.0

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.5/10
6.4/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html
https://www.cloudera.com/products/data-science-and-engineering/data-science-workbench.html

Related CVE
CVE-2018-6185
In Cloudera Navigator Key Trustee KMS 5.12 and 5.13, incorrect default ACL values allow remote access to purge and undelete API calls on encryption zone keys. The Navigator Key Trustee KMS includes 2 API calls in addition to those in Apache Hadoop KM...
CVE-2018-5798
This CVE relates to an unspecified cross site scripting vulnerability in Cloudera Manager.
CVE-2018-10815
An issue was discovered in Cloudera Manager before 5.13.4, 5.14.x before 5.14.4, and 5.15.x before 5.15.1. A read-only user can access sensitive cluster information.
CVE-2016-6605
Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization.
CVE-2015-4166
Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key.
CVE-2015-4078
Cloudera Navigator 2.2.x before 2.2.4 and 2.3.x before 2.3.3 include support for SSLv3 when configured to use SSL/TLS, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3...
CVE-2015-2263
Cloudera Manager 4.x, 5.0.x before 5.0.6, 5.1.x before 5.1.5, 5.2.x before 5.2.5, and 5.3.x before 5.3.3 uses global read permissions for files in its configuration directory when starting YARN NodeManager, which allows local users to obtain sensitiv...
CVE-2014-0229
Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in Cloudera CDH 5.0.x before 5.0.2, do not check authorization for the (1) refreshNamenodes, (2) deleteBlockPool, and (3) shutdownDatanode HDFS admin commands, which allows remote auth...

Copyright 2019, cxsecurity.com

 

Back to Top