Showing 1 - 4 of 4

CVE-2023-44981

Status Candidate

Overview

Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled in ZooKeeper (quorum.auth.enableSasl=true), the authorization is done by verifying that the instance part in SASL authentication ID is listed in zoo.cfg server list. The instance part in SASL auth ID is optional and if it's missing, like 'eve@EXAMPLE.COM', the authorization check will be skipped. As a result an arbitrary endpoint could join the cluster and begin propagating counterfeit changes to the leader, essentially giving it complete read-write access to the data tree. Quorum Peer authentication is not enabled by default. Users are recommended to upgrade to version 3.9.1, 3.8.3, 3.7.2, which fixes the issue. Alternately ensure the ensemble election/quorum communication is protected by a firewall as this will mitigate the issue. See the documentation for more details on correct cluster administration.

Related Files

Red Hat Security Advisory 2024-0903-03: Posted Feb 20, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0903-03 - Red Hat AMQ Broker 7.10.6 is now available from the Red Hat Customer Portal. Issues addressed include a bypass vulnerability.; tags | advisory, bypass; systems | linux, redhat; advisories | CVE-2023-44981; SHA-256 | dd420bf69e5d471a1c9a71d726fa2114d18977f15d4ce47c39c7fe25d9c68ff7; Download | Favorite | View

Red Hat Security Advisory 2024-0705-03: Posted Feb 7, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0705-03 - Red Hat AMQ Broker 7.11.6 is now available from the Red Hat Customer Portal. Issues addressed include a bypass vulnerability.; tags | advisory, bypass; systems | linux, redhat; advisories | CVE-2023-44981; SHA-256 | acaa8a723e422ed10eac444e7266d380b6b727322d2b82114b0ed40d9f5c6a24; Download | Favorite | View

Ubuntu Security Notice USN-6559-1: Posted Jan 18, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6559-1 - It was discovered that ZooKeeper incorrectly handled authorization for the getACL command. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Damien Diederen discovered that ZooKeeper incorrectly handled authorization if SASL Quorum Peer authentication is enabled. An attacker could possibly use this issue to bypass ZooKeeper's authorization system. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10.; tags | advisory, remote; systems | linux, ubuntu; advisories | CVE-2019-0201, CVE-2023-44981; SHA-256 | 534b6c013d7713c3db3c8290512cdb776320bf30fcdd91612968f64217ae7077; Download | Favorite | View

Debian Security Advisory 5544-1: Posted Nov 13, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5544-1 - Damien Diederen discovered that SASL quorum peer authentication within Zookeeper, a service for maintaining configuration information, was insufficiently enforced in some configurations.; tags | advisory; systems | linux, debian; advisories | CVE-2023-44981; SHA-256 | fe9d2b783337f016e00c6fce9461473975e4396a8a77a7e236d43c73bc5af031; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 269 files
Ubuntu 58 files
Gentoo 32 files
Debian 28 files
Apple 9 files
malvuln 6 files
Ahmet Umit Bayram 4 files
Adam Gowdiak 4 files
nu11secur1ty 4 files
gabe_k 3 files

File Archives

Systems

AIX (429)
Apple (2,087)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,042)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,619)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,770)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,499)
UNIX (9,401)
UnixWare (187)
Windows (6,659)
Other

CVE-2023-44981

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems