Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zookeeper vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2019-4244
IBM SmartCloud Analytics 1.3.1 up to and including 1.3.5 could allow a remote malicious user to gain unauthorized information and unrestricted control over Zookeeper installations due to missing authentication. IBM X-Force ID: 159518.
Ibm Smartcloud Analytics Log Analysis
10
CVSSv2
CVE-2019-5029
An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7.1. Arbitrary shell commands surrounded by backticks or $() can be inserted into the editor and will be executed by the Exhibitor process when it launches ZooKe...
Exhibitor Project Exhibitor
1 Github repository
4.3
CVSSv2
CVE-2019-0201
An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string...
Apache Zookeeper 3.5.3
Apache Zookeeper 3.5.0
Apache Zookeeper
Apache Zookeeper 3.5.1
Apache Zookeeper 3.5.2
Apache Zookeeper 3.5.4
Apache Drill 1.16.0
Apache Activemq 5.15.9
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Fuse 1.0.0
Oracle Goldengate Stream Analytics
Oracle Siebel Core - Server Framework
Oracle Timesten In-memory Database
Netapp Hci Bootstrap Os -
Netapp Element Software -
1 Article
5
CVSSv2
CVE-2019-11579
dhcp.c in dhcpcd prior to 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED.
Dhcpcd Project Dhcpcd
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2018-3825
In Elastic Cloud Enterprise (ECE) versions before 1.1.4 a default master encryption key is used in the process of granting ZooKeeper access to Elasticsearch clusters. Unless explicitly overwritten, this master key is predictable across all ECE deployments. If an attacker can conn...
Elastic Elastic Cloud Enterprise
2.1
CVSSv2
CVE-2018-8010
This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion (XXE) in Solr config files (solrconfig.xml, schema.xml, managed-schema). In addition, Xinclude functionality provided in these config files is also affected in a similar w...
Apache Solr
5
CVSSv2
CVE-2018-8012
No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper prior to 3.4.10, and 3.5.0-alpha up to and including 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the lead...
Apache Zookeeper 3.5.3
Apache Zookeeper 3.5.0
Apache Zookeeper
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Goldengate Stream Analytics
4.3
CVSSv2
CVE-2017-8444
The client-forwarder in Elastic Cloud Enterprise versions before 1.0.2 do not properly encrypt traffic to ZooKeeper. If an attacker is able to man in the middle (MITM) the traffic between the client-forwarder and ZooKeeper they could potentially obtain sensitive data.
Elasticsearch Cloud Enterprise 1.0.1
Elasticsearch Cloud Enterprise 1.0.0
6.4
CVSSv2
CVE-2017-6711
A vulnerability in the Ultra Automation Service (UAS) of the Cisco Ultra Services Framework could allow an unauthenticated, remote malicious user to gain unauthorized access to a targeted device. The vulnerability is due to an insecure default configuration of the Apache ZooKeepe...
Cisco Ultra Services Framework
7.5
CVSSv2
CVE-2015-1836
Apache HBase 0.98 prior to 0.98.12.1, 1.0 prior to 1.0.1.1, and 1.1 prior to 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper coordination state, which allows remote malicious users to cause a denial of...
Ibm Infosphere Biginsights 3.0.0.2
Ibm Infosphere Biginsights 3.0.0.0
Ibm Infosphere Biginsights 3.0.0.1
Apache Hbase 0.98.1
Apache Hbase 0.98.9
Apache Hbase 0.98.2
Apache Hbase 0.98.4
Apache Hbase 0.98.11
Apache Hbase 0.98.3
Apache Hbase 0.98.8
Apache Hbase 0.98.10
Apache Hbase 0.98.7
Apache Hbase 0.98.6.1
Apache Hbase 0.98.5
Apache Hbase 0.98.12
Apache Hbase 0.98.10.1
Apache Hbase 0.98.6
Apache Hbase 0.98.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2