PT-2020-15036 · Apache · Apache Accumulo

Billie Rinaldi · Published 2020-12-29 · Updated 2024-01-31

CVE-2020-17533
CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Apache Accumulo versions 1.5.0 through 1.10.0
Apache Accumulo version 2.0.0

Description

The issue arises from improper checking of return values of certain policy enforcement functions, specifically the canFlush and canPerformSystemActions security functions. This allows an authenticated user with insufficient permissions to perform administrative operations such as flushing a table, shutting down Accumulo or an individual tablet server, and setting or removing system-wide Accumulo configuration properties.

Recommendations

For Apache Accumulo versions 1.5.0 through 1.10.0, consider restricting access to administrative operations until a proper fix is applied. For Apache Accumulo version 2.0.0, consider temporarily disabling the canFlush and canPerformSystemActions security functions to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
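The weakness described above is a policy function whose boolean verdict is computed but never acted on. The following is an added illustrative example, not Apache Accumulo source code and not the advisory author's material: the class, method and permission names (Authorizer, Credentials, flushVulnerable, flushHardened, the "SYSTEM" and "ALTER_TABLE" strings) are hypothetical stand-ins that only mirror the shape of the canFlush / canPerformSystemActions checks named in the description. It shows the defective pattern next to the corrected one so a reviewer knows what to look for.

```java
// Added illustrative example (hypothetical model, not Apache Accumulo code).
// Demonstrates CWE-style "unchecked return value" on a permission check:
// the policy method is called, but its boolean result is discarded, so the
// administrative operation runs for any authenticated caller.
import java.util.Set;

public class UncheckedPolicyExample {

    /** Hypothetical caller identity: a principal plus its granted system permissions. */
    static final class Credentials {
        final String principal;
        final Set<String> systemPermissions;
        Credentials(String principal, Set<String> systemPermissions) {
            this.principal = principal;
            this.systemPermissions = systemPermissions;
        }
    }

    /** Hypothetical policy functions shaped like canFlush / canPerformSystemActions. */
    static final class Authorizer {
        boolean canFlush(Credentials c) {
            return c.systemPermissions.contains("SYSTEM")
                || c.systemPermissions.contains("ALTER_TABLE");
        }
        boolean canPerformSystemActions(Credentials c) {
            return c.systemPermissions.contains("SYSTEM");
        }
    }

    /** Raised when a caller lacks the permission an administrative action requires. */
    static final class PermissionDenied extends RuntimeException {
        PermissionDenied(String msg) { super(msg); }
    }

    static final Authorizer AUTH = new Authorizer();

    /** Defective pattern: the policy runs, but its verdict is ignored, so the check is a no-op. */
    static String flushVulnerable(Credentials caller, String table) {
        AUTH.canFlush(caller);            // boolean result dropped on the floor
        return "flushed " + table;        // executes even when the check returned false
    }

    /** Corrected pattern: the verdict gates the action and a denial is surfaced to the caller. */
    static String flushHardened(Credentials caller, String table) {
        if (!AUTH.canFlush(caller)) {
            throw new PermissionDenied(caller.principal + " may not flush table " + table);
        }
        return "flushed " + table;
    }

    /** Same corrected pattern applied to a system-wide action such as a shutdown request. */
    static String shutdownHardened(Credentials caller) {
        if (!AUTH.canPerformSystemActions(caller)) {
            throw new PermissionDenied(caller.principal + " may not perform system actions");
        }
        return "shutdown requested";
    }

    public static void main(String[] args) {
        // Constructed sample callers: one with only a read permission, one with SYSTEM.
        Credentials lowPriv = new Credentials("reader", Set.of("READ"));
        Credentials admin = new Credentials("root", Set.of("SYSTEM"));

        System.out.println(flushVulnerable(lowPriv, "t1"));   // "flushed t1" despite missing permission
        System.out.println(flushHardened(admin, "t1"));       // "flushed t1", correctly allowed
        System.out.println(shutdownHardened(admin));          // "shutdown requested"
        try {
            flushHardened(lowPriv, "t1");
        } catch (PermissionDenied e) {
            System.out.println("denied: " + e.getMessage()); // low-privilege caller is rejected
        }
    }
}
```

When auditing code of this kind, a quick grep for policy-method calls whose result is neither assigned nor used in a condition finds the defective pattern directly. Marking permission-check methods with a check-return-value annotation (for example Error Prone's `@CheckReturnValue`) turns a dropped verdict into a build-time error, which is a cheaper safeguard than relying on review alone.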

Weakness Enumeration

Incorrect Permission
Unchecked Return Value

Related Identifiers

CVE-2020-17533
GHSA-GRC3-8Q8M-4J7C

Affected Products

Apache Accumulo