28 matches found
EUVD-2023-1824
Malicious code in bioql PyPI...
org.apache.accumulo:accumulo-test (=2.1.0) potentially affected by CVE-2023-34340 via org.apache.accumulo:accumulo-shell (=2.1.0)
org.apache.accumulo:accumulo-shell MAVEN version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.accumulo:accumulo-shell and may be impacted: - org.apache.accumulo:accumulo-test =2.1.0 Source cves: CVE-2023-34340 Source advisory:...
Apache Accumulo Improper Authentication vulnerability
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1...
GHSA-HP5W-W29M-VG63 Apache Accumulo Improper Authentication vulnerability
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1...
CVE-2023-34340
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1...
Authentication flaw
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1...
CVE-2023-34340 Apache Accumulo: Accumulo 2.1.0 may incorrectly validate cached credentials
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1...
CVE-2023-34340 Apache Accumulo: Accumulo 2.1.0 may incorrectly validate cached credentials
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1...
CVE-2023-34340
CVE-2023-34340 affects Apache Accumulo 2.1.0. A defect in the user authentication process may allow access despite invalid credentials, per multiple sources. Upgrade to 2.1.1 is recommended as the remediation in the public advisories (e.g., Apache Accumulo 2.1.1 release notes). The CVSS data in t...
CVE-2023-34340 Apache Accumulo: Accumulo 2.1.0 may incorrectly validate cached credentials
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1...
Apache Accumulo 授权问题漏洞
Apache Accumulo is a reliable, scalable, high-performance sorted distributed Key-Value storage application from the Apache Foundation USA. An authorization issue vulnerability exists in Apache Accumulo version 2.1.0 that stems from a flaw in the user authentication process, which may succeed when...
PT-2023-24826 · Apache · Apache Accumulo
Name of the Vulnerable Software and Affected Versions: Apache Accumulo version 2.1.0 Description: The issue affects the user authentication process in Apache Accumulo, where a defect may allow authentication to succeed even when invalid credentials are provided. Recommendations: For Apache Accumu...
com.twitter.ambrose:ambrose-hive (>=0.2.6 <=0.3.0), org.securegraph:securegraph-accumulo (>=0.5.0 <=0.8.1) +5 more potentially affected by CVE-2014-3627 via org.apache.hadoop:hadoop-client (>=0.23.10 <=0.23.9)
org.apache.hadoop:hadoop-client MAVEN version =0.23.10, =0.2.6, =0.5.0, =0.5.0, =0.5.0, =0.6.0, =0.5.0, =0.5.0, =0.8.1 Source cves: CVE-2014-3627 Source advisory: OSV:GHSA-JPMF-8CJ2-595G...
org.apache.hadoop:hadoop-client (>=0.23.7 <=0.23.11), org.apache.hama:hama-yarn (>=0.5.0 <=0.6.2) +6 more potentially affected by CVE-2013-2192 via org.apache.hadoop:hadoop-common (>=0.23.1 <=0.23.8)
org.apache.hadoop:hadoop-common MAVEN version =0.23.1, =0.23.7, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.6.0, =0.5.0, =0.5.0, =0.8.1 Source cves: CVE-2013-2192 Source advisory: OSV:GHSA-PXV5-5VMP-3JJ4...
org.apache.hadoop:hadoop-client (=0.23.10), org.apache.hama:hama-yarn (>=0.5.0 <=0.6.2) +6 more potentially affected by CVE-2014-0229 via org.apache.hadoop:hadoop-common (>=0.23.1 <=0.23.10)
org.apache.hadoop:hadoop-common MAVEN version =0.23.1, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.6.0, =0.5.0, =0.5.0, =0.8.1 Source cves: CVE-2014-0229 Source advisory: OSV:GHSA-9R7G-325H-MXRM...
org.apache.accumulo:accumulo-minicluster (=2.0.0), org.apache.accumulo:accumulo-test (=2.0.0) +1 more potentially affected by CVE-2020-17533 via org.apache.accumulo:accumulo-master (=2.0.0)
org.apache.accumulo:accumulo-master MAVEN version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.accumulo:accumulo-master and may be impacted: - org.apache.accumulo:accumulo-minicluster =2.0.0 - org.apache.accumulo:accumulo-test =2.0...
GHSA-GRC3-8Q8M-4J7C Improper privilege handling in Apache Accumulo
Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...
Improper privilege handling in Apache Accumulo
Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...
Apache Accumulo Access Control Error Vulnerability
Apache Accumulo is a reliable, scalable, high-performance sorted distributed Key-Value storage application from the Apache Foundation. An access control error vulnerability exists in Apache Accumulo versions 1.5.0 through 1.10.0 and 2.0.0 due to an authenticated user failing to properly check the...
CVE-2020-17533
Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...