CVE-2014-8733

Cloudera Manager 5.2.0, 5.2.1, and 5.3.0 stores the LDAP bind password in plaintext in unspecified world-readable files under /etc/hadoop, which allows local users to obtain this password.

Published: Feb 10, 2015
Updated: Apr 13, 2023
CVE: CVE-2014-8733
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
cloudera / cloudera_manager	5.2.0	5.2.0.x
cloudera / cloudera_manager	5.2.1	5.2.1.x
cloudera / cloudera_manager	5.3.0	5.3.0.x

http://www.cloudera.com/content/cloudera/en/documentation/security-bulletins/Security-Bulletin/csb_topic_2.html

Vulnerability Database

289,697

CVE-2014-8733