CVE Details
Basic Information
| Title | CVE-2025-3884 |
|---|---|
| Type | cve |
| Published | 2025-05-22T01:15:54 |
| Last Seen | 2025-05-22T01:26:09 |
CVSS Information
| Base Score | 7.5 (HIGH) |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | NONE |
| Availability Impact | NONE |
AI Analysis
| AI Description | This vulnerability in Cloudera Hue’s Ace Editor allows remote attackers to access sensitive information without authentication by exploiting a directory traversal flaw. The issue is due to improper input validation, enabling attackers to read arbitrary files on the server. |
|---|---|
| AI Severity | High |
| Vendor | Cloudera |
| Product | Hue Ace Editor |
| Affected Version |
Additional Information
| CVE List | CVE-2025-3884 |
|---|---|
| CWE List | CWE-22 |
| Bulletin Family | cve |
Description
Cloudera Hue Ace Editor Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Cloudera Hue. Authentication is not required to…
CVSS Score Summary
Base Score: %!f(string=#) (HIGH)