Vulnerability of Cloudera CDH

1. A concise explanation of the problem you're experiencing.
We scanned 1.36 version of cesium using Black Duck software and it has Cloudera CDH

Description - Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization. 2017-04-14T15:42:15.643Z 2017-04-14T16:43:04.983Z - Vulnerability id #CVE-2016-6605

2. A minimal code example. If you've found a bug, this helps us reproduce and repair it.

Can we upgrade the Cloudera CDH to higher version?

I’m not a Cesium developer, but… how does this have anything to do with Cesium? Cesium is a Javascript 3D globe library. Cloudera CDH appears to be… some kind of “Big Data” server tool that uses Apache Hadoop or something. A search of the Cesium repo for the word “cloudera” turns up exactly 0 hits in either the code or the issues.

As far as I can tell, Cloudera is completely unrelated to Cesium, and this request is meaningless.

What “scan” did you actually run, how did you run it, and what did it supposedly find?