Vulnerability Details CVE-2020-26936
Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- https://docs.cloudera.com/data-engineering/cloud/overview/topics/cde-service-overview.html
- https://my.cloudera.com/knowledge/TSB-2020-447-Cross-Site-Request-Forgery-vulnerability-in-CDE?id=304992
- https://docs.cloudera.com/data-engineering/cloud/overview/topics/cde-service-overview.html
- https://my.cloudera.com/knowledge/TSB-2020-447-Cross-Site-Request-Forgery-vulnerability-in-CDE?id=304992
Products affected by CVE-2020-26936
-
cpe:2.3:a:cloudera:data_engineering:*