Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26936
Reference (s):
- https://my.cloudera.com/knowledge/TSB-2020-447-Cross-Site-Request-Forgery-vulnerability-in-CDE?id=304992
- https://docs.cloudera.com/data-engineering/cloud/overview/topics/cde-service-overview.html