17 matches found
EUVD-2023-1824
Malicious code in bioql PyPI...
Apache Accumulo Improper Authentication vulnerability
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1...
CVE-2023-34340
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1...
CVE-2023-34340
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1...
Authentication flaw
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1...
CVE-2023-34340 Apache Accumulo: Accumulo 2.1.0 may incorrectly validate cached credentials
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1...
CVE-2023-34340
CVE-2023-34340 affects Apache Accumulo 2.1.0. A defect in the user authentication process may allow access despite invalid credentials, per multiple sources. Upgrade to 2.1.1 is recommended as the remediation in the public advisories (e.g., Apache Accumulo 2.1.1 release notes). The CVSS data in t...
CVE-2023-34340 Apache Accumulo: Accumulo 2.1.0 may incorrectly validate cached credentials
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1...
PT-2023-24826 · Apache · Apache Accumulo
Name of the Vulnerable Software and Affected Versions: Apache Accumulo version 2.1.0 Description: The issue affects the user authentication process in Apache Accumulo, where a defect may allow authentication to succeed even when invalid credentials are provided. Recommendations: For Apache Accumu...
Improper privilege handling in Apache Accumulo
Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...
Apache Accumulo Access Control Error Vulnerability
Apache Accumulo is a reliable, scalable, high-performance sorted distributed Key-Value storage application from the Apache Foundation. An access control error vulnerability exists in Apache Accumulo versions 1.5.0 through 1.10.0 and 2.0.0 due to an authenticated user failing to properly check the...
CVE-2020-17533
Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...
CVE-2020-17533
Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...
Code injection
Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...
CVE-2020-17533
Summary of CVE-2020-17533 (Apache Accumulo) Root cause: Insufficient verification of the return values from policy-enforcement functions canFlush and canPerformSystemActions, allowing an authenticated user with limited permissions to perform restricted administrative operations. Affected versions...
CVE-2020-17533 Apache Accumulo Improper Handling of Insufficient Permissions
Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...
British Intelligence Open-Sources its Large-Scale Graph Database Software
UK's Secretive Spy Agency Government Communications Headquarters GCHQ has open-sourced one of its tools on code-sharing website GitHub for free... A graph database called 'Gaffer.' Gaffer, written in Java, is a kind of database that makes it "easy to store large-scale graphs in which the nodes an...