Known Issues in Apache Knox
This topic describes known issues and workarounds for using Knox in this release of Cloudera Runtime.
- CDPD-3125: Logging out of Atlas does not manage the external authentication
- At this time, Atlas does not communicate a log-out event with the external authentication management, Apache Knox. When you log out of Atlas, you can still open the instance of Atlas from the same web browser without re-authentication.
- OPSAPS-59751: If Cloudera Manager is configured with Apache Knox, then Replication Manager does not work.
- None
Technical Service Bulletins
- TSB 2022-553: DOM based XSS Vulnerability in Apache Knox
- When using Knox Single Sign On (SSO) in the affected releases, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. The request includes a specially crafted request parameter that could be used to redirect the user to a page controlled by an attacker. This request URL would need to be presented to the user outside the normal request flow through a XSS or phishing campaign.
- Knowledge article
- For the latest update on this issue see the corresponding Knowledge article: TSB 2022-553: DOM based XSS Vulnerability in Apache Knox (“Knox”)