Apache-ZooKeeper: Apache ZooKeeper: Information disclosure in persistent watcher handling

A flaw was found in the Apache Zookeeper package. Affected versions of this package are vulnerable to Information Exposure due to a missing ACL check in the handling of persistent watchers. An attacker can monitor child znodes by attaching a persistent watcher addWatch command to a parent node th...

DEBIAN-CVE-2024-23944

Information disclosure in persistent watchers handling in Apache ZooKeeper due to missing ACL check. It allows an attacker to monitor child znodes by attaching a persistent watcher addWatch command to a parent which the attacker has already access to. ZooKeeper server doesn't do ACL check when th...

CVE-2024-23944

Information disclosure in persistent watchers handling in Apache ZooKeeper due to missing ACL check. It allows an attacker to monitor child znodes by attaching a persistent watcher addWatch command to a parent which the attacker has already access to. ZooKeeper server doesn't do ACL check when th...

Apache Zookeeper 信息泄露漏洞

Apache Zookeeper is a software project of the U.S. Apache Apache Foundation, which is able to provide open source distributed configuration services, synchronization services, and naming registry for large-scale distributed computing. Apache ZooKeeper has an information disclosure vulnerability...

PT-2024-5776 · Apache +2 · Apache Zookeeper +2

Name of the Vulnerable Software and Affected Versions: Apache ZooKeeper versions prior to 3.9.2 Apache ZooKeeper versions prior to 3.8.4 Description: The issue is related to information disclosure in persistent watchers handling in Apache ZooKeeper due to missing ACL check. It allows an attacker ...