CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-7319

An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.2%

CVSS Severity

CVSS v3 Score 8.3

CVSS v2 Score 6.5

References

https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#concept_o2p_hjm_33b
https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#hue
https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#concept_o2p_hjm_33b
https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#hue

Products affected by CVE-2019-7319

Cloudera » Cdh » Version: 6.0.0

cpe:2.3:a:cloudera:cdh:6.0.0
Cloudera » Cdh » Version: 6.0.1

cpe:2.3:a:cloudera:cdh:6.0.1
Cloudera » Cdh » Version: 6.1.0

cpe:2.3:a:cloudera:cdh:6.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-7319

Products

Pricing

Contact Us