Lucene search
K

4 matches found

OSV
OSV
added 2022/05/13 1:8 a.m.6 views

GHSA-7CWJ-J333-X7F7 Uncontrolled Resource Consumption in Apache ZooKeeper

Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10,...

7.5CVSS7.1AI score0.73654EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2017/11/30 4:47 p.m.3 views

zookeeper: Incorrect input validation with wchp/wchc four letter words

A denial of service vulnerability was discovered in ZooKeeper which allows an attacker to dramatically increase CPU utilization by abusing "wchp/wchc" commands, leading to the server being unable to serve legitimate requests...

7.5CVSS7.4AI score0.73654EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/11/30 4:46 p.m.7 views

zookeeper: Incorrect input validation with wchp/wchc four letter words

A denial of service vulnerability was discovered in ZooKeeper which allows an attacker to dramatically increase CPU utilization by abusing "wchp/wchc" commands, leading to the server being unable to serve legitimate requests...

7.5CVSS7.4AI score0.73654EPSS
Exploits0References4
Veracode
Veracode
added 2017/02/15 6:56 a.m.30 views

Denial Of Service (DoS)

zookeeper is vulnerable to denial of service DoS attacks. The vulnerability is possible because it does not properly handle four letter zookeeper commands such as wchp /wchc/wchc . Therefore, when non-trusted clients get access to the client port i.e., if the zookeeper service is not protected...

7.5CVSS7.3AI score0.73654EPSS
Exploits0References17Affected Software2
Rows per page
Query Builder