CVE-2021-3167

MEDIUM

Cloudera Data Engineering 1.3.0 - Sensitive Information Exposure in Log Files

Title source: llm
STIX 2.1

Description

In Cloudera Data Engineering (CDE) 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs.

References (3)

Core 3

Scores

CVSS v3 6.5
EPSS 0.0111
EPSS Percentile 61.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-532
Status published
Products (1)
cloudera/data_engineering 1.3.0
Published Mar 15, 2021
Tracked Since Feb 18, 2026