CVE-2015-4166

Published: Mar 23, 2017Modified: May 13, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key.

Affected (1)

Products: Cloudera: Key Trustee Server

Cloudera

1 product

Key Trustee Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cloudera Key Trustee Server	Up to 5.4.2

Related CWEs

CWE-320

References (2)

https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html#concept_jpc_mwm_js

Source: cve@mitre.org

MitigationVendor Advisory

https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html#concept_jpc_mwm_js

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

Timeline

No history available yet.