Cloudera Manager 5.5 and earlier allows remote attackers to enumerate user sessions via a request to /api/v11/users/sessions.
References
Configurations
History
No history.
Information
Published : 2017-03-07 16:59
Updated : 2024-02-28 15:44
NVD link : CVE-2016-4950
Mitre link : CVE-2016-4950
CVE.ORG link : CVE-2016-4950
JSON object : View
Products Affected
cloudera
- manager
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor