PT-2023-6096 · Apache+3 · Apache Zookeeper+3
Damien Diederen
·
Publicado
2023-10-02
·
Atualizado
2026-05-18
·
CVE-2023-44981
CVSS v3.1
9.1
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Apache ZooKeeper versions prior to 3.7.2
Apache ZooKeeper versions prior to 3.8.3
Apache ZooKeeper versions prior to 3.9.1
Description
The issue is related to an Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled, the authorization check can be skipped if the instance part in the SASL authentication ID is missing. This allows an arbitrary endpoint to join the cluster and propagate counterfeit changes to the leader, giving it complete read-write access to the data tree. Quorum Peer authentication is not enabled by default.
Recommendations
To resolve the issue, upgrade to version 3.7.2, 3.8.3, or 3.9.1, which fixes the issue.
Alternatively, ensure the ensemble election/quorum communication is protected by a firewall to mitigate the issue.
Correção
IDOR
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Apache Zookeeper
Linuxmint
Red Os
Ubuntu