Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x before 5.0.0 Beta 2, when using MRv2/YARN with HTTP authentication, allows remote authenticated users to obtain sensitive job information by leveraging failure to enforce job ACLs.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cloudera CDH JobHistory Server 安全漏洞
Vulnerability Description
Cloudera CDH是美国Cloudera公司的一套开源的用于运行Apache Hadoop的平台。JobHistory Server是其中的一个历史任务存储、查看服务。 Cloudera CDH 4.6.0之前的4.x版本和5.0.0 Beta 2之前的5.x版本中的JobHistory Server存在安全漏洞。远程攻击者可利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A