icon

We found results for “

WS-2014-0051

Good to know:

icon

Date: October 24, 2014

In “Cloudera/Hue”, versions v0.9.1 to v3.7.1 and cdh5-base-2.3.0 to cdh5-base-3.7.0 include support for SSLv3 when configured to use SSL/TLS, which makes it easier for man-in-the-middle attackers to obtain cleartext data via POODLE attack.

Language: Python

Severity Score

Severity Score

Weakness Type (CWE)

Cryptographic Issues

CWE-310

Top Fix

icon

Upgrade Version

Upgrade to version release-3.8.0, cdh5-base-3.8.0

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): NONE
Availability (A): NONE

Do you need more information?

Contact Us