Cloudera Docs

Known Issues in Apache Knox

Learn about the known issues in Knox, the impact or changes to the functionality, and the workaround.

CDPD-28431: Intermittent errors could be potentially encountered when Impala UI is accessed from multiple Knox nodes.
You must use a single Knox node to access Impala UI.
CDPD-3125: Logging out of Atlas does not manage the external authentication
At this time, Atlas does not communicate a log-out event with the external authentication management, Apache Knox. When you log out of Atlas, you can still open the instance of Atlas from the same web browser without re-authentication.
To prevent additional access to Atlas, close all browser windows and exit the browser.
OPSAPS-58179: HIVE endpoint url is updated on only one knox host topolgies. While on other knox host, the Cloudera Manager configuraiton monitoring change is not identified and topologies are not updated with the Hive URL.
None
CDPD-22785: Improvements and issues needs to be addressed in convert-topology knox cli command
None

Technical Service Bulletins

TSB 2022-553: DOM based XSS Vulnerability in Apache Knox
When using Knox Single Sign On (SSO) in the affected releases, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. The request includes a specially crafted request parameter that could be used to redirect the user to a page controlled by an attacker. This request URL would need to be presented to the user outside the normal request flow through a XSS or phishing campaign.
Knowledge article
For the latest update on this issue see the corresponding Knowledge article: TSB 2022-553: DOM based XSS Vulnerability in Apache Knox (“Knox”)
TSB 2023-630: Apache Knox - Server-side Request Forgery in host parameter
When authenticated to an Apache Knox (Knox) protected endpoint, such as Apache HBase (HBase), modifying the host parameter by adding an external host causes Knox to unexpectedly send a request to the external host which includes the user's cookies. A malicious actor may present this request URL to the user through an XSS attack or phishing campaign.
Knowledge article
For the latest update on this issue see the corresponding Knowledge article: TSB 2023-630: Apache Knox - Server-side Request Forgery in host parameter