PT-2019-16990 · Apache+1 · Zookeeper+1
Publicado
2019-12-10
·
Atualizado
2019-12-13
·
CVE-2019-4244
CVSS v3.1
9.1
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
IBM SmartCloud Analytics versions 1.3.1 through 1.3.5
Description
The issue allows a remote attacker to gain unauthorized information and unrestricted control over Zookeeper installations due to missing authentication.
Recommendations
For IBM SmartCloud Analytics versions 1.3.1 through 1.3.5, consider implementing authentication mechanisms for Zookeeper installations to prevent unauthorized access until a patch is available.
Correção
Missing Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Smartcloud Analytics
Zookeeper