CVE-2015-4166

critical

Description

Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key.

References

https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html#concept_jpc_mwm_js

Details

Source: Mitre, NVD

Published: 2017-03-23

Updated: 2026-05-13

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00271