CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51504 – Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server
https://notcve.org/view.php?id=CVE-2024-51504
07 Nov 2024 — When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client's IP address detection in IPAuthenticationProvider, which uses HTTP request headers, is weak and allows an attacker to bypass authentication via spoofing client's IP address in request headers. Default configuration honors X-Forwarded-For HTTP header to read client's IP add... • https://lists.apache.org/thread/b3qrmpkto5r6989qr61fw9y2x646kqlh • CWE-290: Authentication Bypass by Spoofing •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23944 – Apache ZooKeeper: Information disclosure in persistent watcher handling
https://notcve.org/view.php?id=CVE-2024-23944
15 Mar 2024 — Information disclosure in persistent watchers handling in Apache ZooKeeper due to missing ACL check. It allows an attacker to monitor child znodes by attaching a persistent watcher (addWatch command) to a parent which the attacker has already access to. ZooKeeper server doesn't do ACL check when the persistent watcher is triggered and as a consequence, the full path of znodes that a watch event gets triggered upon is exposed to the owner of the watcher. It's important to note that only the path is exposed b... • http://www.openwall.com/lists/oss-security/2024/03/14/2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.4EPSS: 0%CPEs: 6EXPL: 0CVE-2023-44981 – Apache ZooKeeper: Authorization bypass in SASL Quorum Peer Authentication
https://notcve.org/view.php?id=CVE-2023-44981
11 Oct 2023 — Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled in ZooKeeper (quorum.auth.enableSasl=true), the authorization is done by verifying that the instance part in SASL authentication ID is listed in zoo.cfg server list. The instance part in SASL auth ID is optional and if it's missing, like 'eve@EXAMPLE.COM', the authorization check will be skipped. As a result an arbitrary endpoint could join the cluster and begin propagating count... • http://www.openwall.com/lists/oss-security/2023/10/11/4 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 5.9EPSS: 1%CPEs: 8EXPL: 0CVE-2021-21295 – Possible request smuggling in HTTP/2 due missing validation
https://notcve.org/view.php?id=CVE-2021-21295
09 Mar 2021 — Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If th... • https://github.com/Netflix/zuul/pull/980 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 0%CPEs: 31EXPL: 0CVE-2019-0201 – zookeeper: Information disclosure in Apache ZooKeeper
https://notcve.org/view.php?id=CVE-2019-0201
23 May 2019 — An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string. DigestAuthenticationProvider overloads the Id field with the hash value that is used for user authentication. As a consequence, if Digest Authentication is in use, the unsalted hash value will be disclosed by getACL() request for unauthentica... • http://www.securityfocus.com/bid/108427 • CWE-732: Incorrect Permission Assignment for Critical Resource CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2018-8012 – Debian Security Advisory 4214-1
https://notcve.org/view.php?id=CVE-2018-8012
21 May 2018 — No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader. No se aplica autenticación/autorización cuando un servidor intenta unirse a un quorum en Apache ZooKeeper en versiones anteriores a la 3.4.10 y 3.5.0-alpha hasta 3.5.3-beta. Como resultado, un endpoint arbitrario podría unirse al clúster y co... • http://www.securityfocus.com/bid/104253 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 16%CPEs: 14EXPL: 1CVE-2017-5637 – Zookeeper 3.5.2 Client - Denial of Service
https://notcve.org/view.php?id=CVE-2017-5637
15 Aug 2017 — Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10, 3.5.3, and later. Dos comandos con palabras de cuatro letras "wchp/wchc" provocan un gran consumo de CPU y podrían dar lugar a que se alcance el máximo uso de CPU en el servidor Apache ZooKeeper si se abusa de ellos,... • https://www.exploit-db.com/exploits/42294 • CWE-20: Improper Input Validation CWE-306: Missing Authentication for Critical Function CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.1EPSS: 10%CPEs: 4EXPL: 1CVE-2016-5017 – ZooKeeper 3.4.8 / 3.5.2 Buffer Overflow
https://notcve.org/view.php?id=CVE-2016-5017
16 Sep 2016 — Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string. Desbordamiento de búfer en el shell C cli en Apache Zookeeper en versiones anteriores a 3.4.9 y 3.5.x en versiones anteriores a 3.5.3, cuando se utiliza la sintaxis por lotes "cmd:", permite a atacantes tener impacto no especificado a través de una cadena de comandos larga. ZooKeeper versions 3.4.0 through ... • http://packetstormsecurity.com/files/138755/ZooKeeper-3.4.8-3.5.2-Buffer-Overflow.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •