Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS.
References
Configurations
Configuration 1 (hide)
|
History
10 Nov 2021, 16:01
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:cloudera:cloudera_manager:*:*:*:*:*:*:*:* | |
References | (MISC) https://my.cloudera.com/knowledge/TSB-2021-488-Cloudera-Manager-is-vulnerable-to-Cross-Site?id=322833 - Vendor Advisory | |
References | (MISC) https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.1 |
CWE | CWE-79 |
08 Nov 2021, 13:25
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-11-08 13:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-29243
Mitre link : CVE-2021-29243
CVE.ORG link : CVE-2021-29243
JSON object : View
Products Affected
cloudera
- cloudera_manager
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')