CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-20090

An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.1%

CVSS Severity

CVSS v3 Score 8.3

CVSS v2 Score 6.5

References

https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#TSB-351
https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#TSB-351

Products affected by CVE-2018-20090

Cloudera » Data Science Workbench » Version: 1.4.0

cpe:2.3:a:cloudera:data_science_workbench:1.4.0
Cloudera » Data Science Workbench » Version: 1.4.1

cpe:2.3:a:cloudera:data_science_workbench:1.4.1
Cloudera » Data Science Workbench » Version: 1.4.2

cpe:2.3:a:cloudera:data_science_workbench:1.4.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-20090

Products

Pricing

Contact Us