Cloudera Manager 3.7.x before 3.7.5 and Service and Configuration Manager 3.5, when Kerberos is not enabled, does not properly install taskcontroller.cfg, which allows remote authenticated users to impersonate arbitrary user accounts via unspecified vectors, a different vulnerability than CVE-2012-1574.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
No history.
Information
Published : 2012-04-12 10:45
Updated : 2024-02-28 12:00
NVD link : CVE-2012-2230
Mitre link : CVE-2012-2230
CVE.ORG link : CVE-2012-2230
JSON object : View
Products Affected
cloudera
- cloudera_service_and_configuration_manager
- cloudera_manager
CWE
CWE-310
Cryptographic Issues