CVE-2018-20090

An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder.

Link	Resource
https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#TSB-351	Vendor Advisory

Configuration 1

cpe:2.3:a:cloudera:data_science_workbench:*:*:*:*:*:*:*:*

---

Published : 2019-11-26 04:15

Updated : 2019-12-12 03:10

---

NVD link : CVE-2018-20090

Mitre link : CVE-2018-20090

No products.

CWE-276

Incorrect Default Permissions