Exposure of JWT Authentication Tokens in Cloudera Data Engineering (CDE) 1.3.0 Virtual Cluster Server Logs

Exposure of JWT Authentication Tokens in Cloudera Data Engineering (CDE) 1.3.0 Virtual Cluster Server Logs

CVE-2021-3167 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

In Cloudera Data Engineering (CDE) 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs.

Learn more about our Cis Benchmark Audit For Server Software.