Apache · Apache Accumulo · CVE-2020-17533
**Name of the Vulnerable Software and Affected Versions**
Apache Accumulo versions 1.5.0 through 1.10.0
Apache Accumulo version 2.0.0
**Description**
The issue arises from improper checking of return values of certain policy enforcement functions, specifically the `canFlush` and `canPerformSystemActions` security functions. This allows an authenticated user with insufficient permissions to perform administrative operations such as flushing a table, shutting down Accumulo or an individual tablet server, and setting or removing system-wide Accumulo configuration properties.
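The bug class described above, shown as an added example that is not Accumulo source code: a policy function returns its decision as a boolean, and the caller either discards it or enforces it. The class names, the `flushVulnerable` and `flushChecked` handlers, and the sample users are hypothetical; only the name `canFlush` comes from the advisory.

```java
import java.util.Set;

// Simplified, hypothetical model of the flaw; not taken from the Accumulo code base.
public class IgnoredPolicyResult {

    // Policy check that reports its decision as a boolean instead of throwing.
    static class SecurityOperation {
        private final Set<String> flushers; // constructed sample policy
        SecurityOperation(Set<String> flushers) { this.flushers = flushers; }
        boolean canFlush(String user) { return flushers.contains(user); }
    }

    static class AccessDeniedException extends RuntimeException {
        AccessDeniedException(String msg) { super(msg); }
    }

    private final SecurityOperation security;
    private int flushCount = 0;

    IgnoredPolicyResult(SecurityOperation security) { this.security = security; }

    // Vulnerable pattern: the check runs, but its result is discarded,
    // so the operation proceeds for any authenticated caller.
    void flushVulnerable(String user) {
        security.canFlush(user); // return value ignored
        flushCount++;
    }

    // Corrected pattern: a false result stops the operation before any state changes.
    void flushChecked(String user) {
        if (!security.canFlush(user)) {
            throw new AccessDeniedException(user + " is not permitted to flush");
        }
        flushCount++;
    }

    public static void main(String[] args) {
        // Constructed sample: only "admin" holds the permission.
        IgnoredPolicyResult svc = new IgnoredPolicyResult(new SecurityOperation(Set.of("admin")));

        svc.flushVulnerable("reader"); // proceeds despite the failed check
        System.out.println("flushes after unchecked call: " + svc.flushCount);
        try {
            svc.flushChecked("reader"); // rejected by the enforced check
        } catch (AccessDeniedException e) {
            System.out.println("denied: " + e.getMessage());
        }
        svc.flushChecked("admin"); // permitted
        System.out.println("flushes after checked calls: " + svc.flushCount);
    }
}
```

When auditing for this pattern, look for calls to boolean-returning permission checks used as bare statements; static analysis rules that flag ignored return values catch this class of defect.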
**Recommendations**
For Apache Accumulo versions 1.5.0 through 1.10.0, consider restricting access to administrative operations until a proper fix is applied.
For Apache Accumulo version 2.0.0, consider temporarily disabling the `canFlush` and `canPerformSystemActions` security functions to prevent exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.