Lucene search
K

5 matches found

OSV
OSV
added 2022/05/13 1:5 a.m.3 views

GHSA-CCQF-C5HQ-77MP Missing Authorization in Apache ZooKeeper

No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader...

7.5CVSS7.2AI score0.08724EPSS
Exploits0References13
OpenVAS
OpenVAS
added 2019/11/26 12:0 a.m.142 views

Apache ZooKeeper < 3.4.14, 3.5.0-alpha - 3.5.4-beta Information Disclosure Vulnerability

Apache ZooKeeper is prone to an information disclosure vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

5.9CVSS6AI score0.09634EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2019/05/29 6:54 p.m.43 views

Access control bypass in Apache ZooKeeper

An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper?s getACL command doesn?t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string. DigestAuthenticationProvider...

5.9CVSS2.4AI score0.09634EPSS
Exploits0References22Affected Software1
OSV
OSV
added 2019/05/23 2:29 p.m.3 views

UBUNTU-CVE-2019-0201

An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL command doesn’t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string. DigestAuthenticationProvider...

5.9CVSS6.8AI score0.09634EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/05/23 12:0 a.m.6 views

PT-2019-5356 · Apache +3 · Apache Zookeeper +3

Name of the Vulnerable Software and Affected Versions: Apache ZooKeeper versions 1.0.0 through 3.4.13 Apache ZooKeeper versions 3.5.0-alpha through 3.5.4-beta Description: The issue is related to ZooKeeper’s getACL command, which does not check any permission when retrieving the ACLs of the...

9.8CVSS6.6AI score0.99856EPSS
Exploits20References160
Rows per page
Query Builder