27 matches found
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2017-5637, CVE-2019-0201, CVE-2018-8012, CVE-2023-44981)
Summary IBM Security Guardium uses Apache ZooKeeper as a component. This component has multiple vulnerabilities which might affect the product. These vulnerabilities have been addressed in an update. Vulnerability Details CVEID:CVE-2017-5637 DESCRIPTION: Apache Zookeeper is vulnerable to a denial...
Security Bulletin: Vulnerabilities in Apache ZooKeeper affect IBM watsonx.data
Summary Apache ZooKeeper could allow a remote authenticated attacker to obtain sensitive information or allow a remote attacker to bypass security restrictions. These can affect IBM watsonx.data. Vulnerability Details CVEID:CVE-2024-23944 DESCRIPTION: Apache ZooKeeper could allow a remote...
Security Bulletin: IBM Asset Data Dictionary Component uses zookeeper-3.5.9.jar and snappy-java-1.1.8.3.jar which are vulnerable to CVE-2023-44981,CVE-2023-34453, CVE-2023-34455 , CVE-2023-34454 and CVE-2023-43642
Summary IBM Asset Data Dictionary Component uses zookeeper-3.5.9.jar and snappy-java-1.1.8.3.jar which are vulnerable to CVE-2023-44981,CVE-2023-34453, CVE-2023-34455, CVE-2023-34454 and CVE-2023-43642. This bulletin contains information regarding the vulnerability and its remediation...
Security Bulletin: IBM Asset Data Dictionary Component uses zookeeper-3.5.9.jar and snappy-java-1.1.8.3.jar which are vulnerable to CVE-2023-44981,CVE-2023-34453, CVE-2023-34455 , CVE-2023-34454 and CVE-2023-43642
Summary IBM Asset Data Dictionary Component uses zookeeper-3.5.9.jar and snappy-java-1.1.8.3.jar which are vulnerable to CVE-2023-44981,CVE-2023-34453, CVE-2023-34455, CVE-2023-34454 and CVE-2023-43642. This bulletin contains information regarding the vulnerability and its remediation...
Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.12.0 release and security update
Red Hat AMQ Broker 7.12.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Apache ZooKeeper security bypass vulnerabilitiy. (CVE-2023-44981)
Summary Potential Apache ZooKeeper security bypass vulnerabilitiy CVE-2023-44981 has been identified that affects IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-44981...
Moderate: Red Hat Security Advisory: Red Hat AMQ Broker 7.10.6 release and security update
Red Hat AMQ Broker 7.10.6 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Moderate: Red Hat Security Advisory: Red Hat AMQ Broker 7.11.6 release and security update
Red Hat AMQ Broker 7.11.6 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Ubuntu: Security Advisory (USN-6559-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerability in ZooKeeper affects IBM Process Mining CVE-2023-44981
Summary There is a vulnerability in ZooKeeper that could allow an attacker to bypass security restrictions on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2023-44981...
FreeBSD : apache -- Apache ZooKeeper: Authorization bypass in SASL Quorum Peer Authentication (2bc376c0-977e-11ee-b4bc-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2bc376c0-977e-11ee-b4bc-b42e991fc52e advisory. - Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Pe...
Security Bulletin: Due to the use of Apache ZooKeeper, IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library is vulnerable to security bypass.
Summary Apache ZooKeeper is used by IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library. CVE-2023-44981 Vulnerability Details CVEID:CVE-2023-44981 DESCRIPTION: Apache ZooKeeper could allow a remote attacker to bypass security restrictions, caused by a flaw when SASL Quorum Peer...
Important: Red Hat Security Advisory: Red Hat AMQ Streams 2.6.0 release and security update
Red Hat AMQ Streams 2.6.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Apache ZooKeeper
Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Apache ZooKeeper. Vulnerability Details CVEID: CVE-2023-44981 DESCRIPTION: Apache ZooKeeper could allow a remote attacker to bypass security restrictions, caused by a flaw when SASL Quorum Peer...
Debian DSA-5544-1 : zookeeper - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5544 advisory. Damien Diederen discovered that SASL quorum peer authentication within Zookeeper, a service for maintaining configuration information, was insufficiently enforced in...
[SECURITY] [DSA 5544-1] zookeeper security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5544-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 31, 2023 https://www.debian.org/security/faq -...
Debian dla-3624 : libzookeeper-java - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3624 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3624-1 [email protected] https://www.debian.org/lts/security/...
Apache ZooKeeper 3.7.x < 3.7.2, 3.8.x < 3.8.3, 3.9.x < 3.9.1 Authorization Bypass
The version of Apache ZooKeeper listening on the remote host is prior to 3.7.2, 3.8.x prior to 3.8.3 or 3.9.x prior to 3.9.1. It is, therefore, affected by the following: - Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is...
com.digitalpebble.stormcrawler:storm-crawler-solr (=2.11), com.github.paulcwarren:content-solr-spring-boot-starter (=3.0.7) +108 more potentially affected by CVE-2023-44981 via org.apache.zookeeper:zookeeper (=3.9.0)
org.apache.zookeeper:zookeeper MAVEN version =3.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.zookeeper:zookeeper and may be impacted: - com.digitalpebble.stormcrawler:storm-crawler-solr =2.11 -...
CVE-2023-44981
Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled in ZooKeeper quorum.auth.enableSasl=true, the authorization is done by verifying that the instance part in SASL authentication ID is listed in zoo.cfg server list. The...