- Vulnerability/
- USN-6559-1
USN-6559-1: ZooKeeper vulnerabilities
First published: Tue Jan 16 2024(Updated: )
It was discovered that ZooKeeper incorrectly handled authorization for the getACL() command. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2019-0201) Damien Diederen discovered that ZooKeeper incorrectly handled authorization if SASL Quorum Peer authentication is enabled. An attacker could possibly use this issue to bypass ZooKeeper's authorization system. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-44981)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/libzookeeper-java | <3.8.0-11ubuntu0.1 | 3.8.0-11ubuntu0.1 |
| Ubuntu Ubuntu | =23.10 | |
| All of | ||
| ubuntu/libzookeeper-java | <3.8.0-10ubuntu0.1 | 3.8.0-10ubuntu0.1 |
| Ubuntu Ubuntu | =23.04 | |
| All of | ||
| ubuntu/libzookeeper-java | <3.4.13-6ubuntu4.1 | 3.4.13-6ubuntu4.1 |
| Ubuntu Ubuntu | =22.04 | |
| All of | ||
| ubuntu/libzookeeper-java | <3.4.13-5ubuntu0.1 | 3.4.13-5ubuntu0.1 |
| Ubuntu Ubuntu | =20.04 | |
| All of | ||
| ubuntu/libzookeeper-java | <3.4.13-3ubuntu0.1~esm1 | 3.4.13-3ubuntu0.1~esm1 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/libzookeeper-java | <3.4.8-1ubuntu0.1~esm2 | 3.4.8-1ubuntu0.1~esm2 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/libzookeeper-java | <3.4.5+dfsg-1ubuntu0.1~esm3 | 3.4.5+dfsg-1ubuntu0.1~esm3 |
| Ubuntu Ubuntu | =14.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2023-44981
- https://ubuntu.com/security/CVE-2019-0201
- https://launchpad.net/ubuntu/+source/zookeeper/3.8.0-11ubuntu0.1
- https://launchpad.net/ubuntu/+source/zookeeper/3.8.0-10ubuntu0.1
- https://launchpad.net/ubuntu/+source/zookeeper/3.4.13-6ubuntu4.1
- https://launchpad.net/ubuntu/+source/zookeeper/3.4.13-5ubuntu0.1
- https://ubuntu.com/security/notices/USN-6559-1 (Advisory)
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/severity
- agent/title
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/type
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- agent/trending
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/23.10
- version/ubuntu ubuntu/23.04
- version/ubuntu ubuntu/22.04
- version/ubuntu ubuntu/20.04
- version/ubuntu ubuntu/18.04
- version/ubuntu ubuntu/16.04
- version/ubuntu ubuntu/14.04