PT-2019-16990 · Apache+1 · Zookeeper+1
Published
2019-12-10
·
Updated
2019-12-13
·
CVE-2019-4244
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
IBM SmartCloud Analytics versions 1.3.1 through 1.3.5
Description
The issue allows a remote attacker to gain unauthorized information and unrestricted control over Zookeeper installations due to missing authentication.
Recommendations
For IBM SmartCloud Analytics versions 1.3.1 through 1.3.5, consider implementing authentication mechanisms for Zookeeper installations to prevent unauthorized access until a patch is available.
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Smartcloud Analytics
Zookeeper