Plaintext Storage of LDAP Bind Password in Cloudera Manager

Plaintext Storage of LDAP Bind Password in Cloudera Manager

CVE-2014-8733 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Cloudera Manager 5.2.0, 5.2.1, and 5.3.0 stores the LDAP bind password in plaintext in unspecified world-readable files under /etc/hadoop, which allows local users to obtain this password.

Learn more about our Cis Benchmark Audit For Bind.