15 matches found
Security Bulletin: Multiple security vulnerabilities have been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics
Summary IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin. Vulnerability Details CVEID:CVE-2017-12973 DESCRIPTION: Connect2id Nimbus JOSE+JWT could provide...
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2017-5637, CVE-2019-0201, CVE-2018-8012, CVE-2023-44981)
Summary IBM Security Guardium uses Apache ZooKeeper as a component. This component has multiple vulnerabilities which might affect the product. These vulnerabilities have been addressed in an update. Vulnerability Details CVEID:CVE-2017-5637 DESCRIPTION: Apache Zookeeper is vulnerable to a denial...
cn.acooly:acooly-auth-wechat-authenticator (=5.2.1), cn.org.thinkcloud:think-cloud-starter-id (=2.0.1.RELEASE) +467 more potentially affected by CVE-2018-8012 via org.apache.zookeeper:zookeeper (>=3.5.0-alpha <=3.5.3-beta)
org.apache.zookeeper:zookeeper MAVEN version =3.5.0-alpha, =3.2.0, =3.0.5, =3.0.5, =0.85, =3.2.0, =3.2.0, =3.3.0-RELEASE, =0.2.2, =0.1.2, =0.2.0, =0.2.1 and more Source cves: CVE-2018-8012 Source advisory: OSV:GHSA-CCQF-C5HQ-77MP...
Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities
Summary The Planning Analytics Workspace component of IBM Planning Analytics is affected by vulnerabilities These have been addressed in IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 68. Vulnerability Details CVEID: CVE-2019-10086 DESCRIPTION: Apache Commons Beanutils...
Apache ZooKeeper < 3.4.10, 3.5.0-alpha - 3.5.3-beta Quorum Peer Mutual Authentication Vulnerability
Apache ZooKeeper is prone to a Quorum Peer mutual authentication vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program...
Security Bulletin: InfoSphere Data Replication is affected by an Apache ZooKeeper open source library vulnerability
Summary InfoSphere Data Replication has addressed the following vulnerability: CVE-2018-8012 - Apache Zookeeper could allow a remote attacker to bypass security restrictions, caused by the failure to enforce authentication or authorization when a server attempts to join a quorum. An attacker coul...
Security Bulletin: IBM QRadar Incident Forensics is vulnerable to Public disclosed vulnerability from Apache ZooKeeper (CVE-2018-8012)
Summary Public disclosed vulnerability from Apache ZooKeeper Vulnerability Details CVEID: CVE-2018-8012 Description: Apache Zookeeper could allow a remote attacker to bypass security restrictions, caused by the failure to enforce authentication or authorization when a server attempts to join a...
Security Bulletin: A Security Vulnerability affects IBM® Cloud Private (CVE-2018-8012)
Summary IBM Cloud Private is vulnerable to a security vulnerability Vulnerability Details CVEID: CVE-2018-8012 DESCRIPTION: Apache Zookeeper could allow a remote attacker to bypass security restrictions, caused by the failure to enforce authentication or authorization when a server attempts to jo...
Debian DSA-4214-1 : zookeeper - security update
It was discovered that Zookeeper, a service for maintaining configuration information, enforced no authentication/authorisation when a server attempts to join a Zookeeper quorum. This update backports authentication support. Additional configuration steps are needed, please see...
[SECURITY] [DSA 4214-1] zookeeper security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4214-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 01, 2018 https://www.debian.org/security/faq -...
CVE-2018-8012
No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader...
CVE-2018-8012
No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader...
CVE-2018-8012
No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader...
CVE-2018-8012
CVE-2018-8012 affects Apache ZooKeeper: no authentication/authorization is enforced when a server attempts to join a quorum (before 3.4.10 and 3.5.0-alpha to 3.5.3-beta). This allows an arbitrary endpoint to join the cluster and propagate counterfeit changes to the leader. IBM and related advisor...
CVE-2018-8012
No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader...