CVE-2023-44981 Report - Details, Severity, & Advisories

Twingate Team

Jun 28, 2024

What is CVE-2023-44981?

CVE-2023-44981 is a critical authorization-bypass vulnerability in Apache ZooKeeper (CWE-639; NVD CVSS v3.1 base score 9.1) that applies only to ensembles with SASL Quorum Peer authentication enabled (quorum.auth.enableSasl=true, which is off by default). With that setting, a connecting peer is authorized by checking that the instance part of its SASL authentication ID is listed as a server in zoo.cfg. The instance part is optional, and when it is absent (an ID of the form user@REALM with no /host component) the check is skipped rather than failed. Any endpoint that can reach the quorum ports and authenticate with such an ID can therefore join the ensemble and propagate counterfeit changes to the leader, which amounts to full read-write access to the data tree. Affected users should upgrade to a fixed release.
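The following is an added example written for this page, not Apache ZooKeeper's own code. It models the authorization step the advisory describes, so the difference between the vulnerable and the hardened rule is visible on concrete input: a Kerberos-style SASL ID is split into primary/instance@REALM, the instance is compared against the server list from zoo.cfg, and the vulnerable version lets an ID with no instance part through without ever running the comparison. The config fragment, host names and principals are constructed, and the hardened function models the intended rule rather than copying the upstream patch.

```python
"""Model of the CVE-2023-44981 authorization check (added example).

Illustrative code written for this page, not Apache ZooKeeper's own
implementation. With quorum.auth.enableSasl=true a peer is authorized by
checking that the instance part of its SASL authentication ID
(primary/instance@REALM) names a server in zoo.cfg. The instance part is
optional, and the vulnerable logic skipped the check when it was absent.
Host names, principals and the config fragment below are constructed.
"""
import re
from dataclasses import dataclass
from typing import Optional, Set

# Constructed zoo.cfg fragment for a three-node ensemble (hypothetical hosts).
SAMPLE_ZOO_CFG = """\
tickTime=2000
dataDir=/var/lib/zookeeper
quorum.auth.enableSasl=true
quorum.auth.learnerRequireSasl=true
quorum.auth.serverRequireSasl=true
server.1=zk1.example.com:2888:3888
server.2=zk2.example.com:2888:3888
server.3=zk3.example.com:2888:3888
"""

# server.N=host:peerPort:electionPort[:role][;clientPort]; only host is needed.
_SERVER_LINE = re.compile(r"^server\.\d+=([^:;]+)")


def quorum_hosts(cfg_text: str) -> Set[str]:
    """Return the host names listed as ensemble members in zoo.cfg."""
    hosts = set()
    for line in cfg_text.splitlines():
        m = _SERVER_LINE.match(line.strip())
        if m:
            hosts.add(m.group(1))
    return hosts


@dataclass(frozen=True)
class Principal:
    primary: str
    instance: Optional[str]
    realm: Optional[str]


def parse_principal(auth_id: str) -> Principal:
    """Split 'primary[/instance][@REALM]'; instance and realm are optional."""
    name, _, realm = auth_id.partition("@")
    primary, _, instance = name.partition("/")
    return Principal(primary, instance or None, realm or None)


def authorize_vulnerable(auth_id: str, hosts: Set[str]) -> bool:
    """Pre-fix logic: only principals *with* an instance part are checked.

    'eve@EXAMPLE.COM' has no instance part, so the membership test never
    runs and the peer is admitted (CVE-2023-44981).
    """
    p = parse_principal(auth_id)
    if p.instance is None:
        return True  # BUG: the check is skipped instead of failed
    return p.instance in hosts


def authorize_hardened(auth_id: str, hosts: Set[str]) -> bool:
    """Hardened form: a missing instance part fails the check.

    Models the intended rule (the instance must name a configured server);
    this is not a copy of the upstream patch.
    """
    p = parse_principal(auth_id)
    return p.instance is not None and p.instance in hosts


if __name__ == "__main__":
    hosts = quorum_hosts(SAMPLE_ZOO_CFG)
    for auth_id in ("zookeeper/zk2.example.com@EXAMPLE.COM",
                    "zookeeper/rogue.example.com@EXAMPLE.COM",
                    "eve@EXAMPLE.COM"):
        print(f"{auth_id:45} vulnerable={authorize_vulnerable(auth_id, hosts)!s:5} "
              f"hardened={authorize_hardened(auth_id, hosts)}")
```

Running the block prints one line per principal: the legitimate peer passes both checks, the peer whose instance is not in the server list fails both, and the instance-less ID passes only the vulnerable check. The point to take from it is that an authorization check keyed on a field the caller controls must treat absence of that field as failure, not as "nothing to check".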

Who is impacted by CVE-2023-44981?

CVE-2023-44981 affects Apache ZooKeeper ensembles that have SASL Quorum Peer authentication enabled and run version 3.9.0, 3.8.0 through 3.8.2, 3.7.0 through 3.7.1, or any release before 3.7.0. Ensembles that leave quorum.auth.enableSasl at its default (false) are not exposed to this bypass. Debian 10 buster and other Debian releases shipping an affected ZooKeeper version are also impacted; for those, the fix arrives as a distribution security update rather than an upstream version bump.

What to do if CVE-2023-44981 affected you

If you're running an affected ZooKeeper version with quorum SASL authentication enabled, take the following steps:

  1. Upgrade to Apache ZooKeeper 3.9.1, 3.8.3, or 3.7.2 (whichever matches your branch), which contain the fix. Releases before 3.7.0 did not receive a fix, so ensembles on those versions must move to a supported branch.

  2. Until the upgrade is complete (and as defence in depth afterwards), restrict the ensemble's election and quorum ports (the peer and election ports given in each server.N line of zoo.cfg, 2888 and 3888 by default) to the ensemble members themselves. The Apache advisory lists firewalling the quorum communication as a valid mitigation on its own, because the attacker must reach those ports to join the cluster.

  3. For Debian users, upgrade the zookeeper packages to the fixed versions provided in the Debian security updates. Backported fixes keep the upstream version number, so go by the package changelog rather than the reported ZooKeeper version.
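Exposure comes down to three facts: whether quorum SASL authentication is enabled in zoo.cfg (it is off by default), which release branch is running, and whether that release is at or past the fixed version for its branch. The following triage helper is an added example written for this page, not a ZooKeeper tool; the two zoo.cfg samples and the version strings are constructed, and the host names are hypothetical.

```python
"""Exposure triage for CVE-2023-44981 (added example, not a ZooKeeper tool).

Combines the three facts that decide exposure: whether quorum SASL
authentication is enabled in zoo.cfg (off by default), which release branch
is running, and whether that release is at or past the fixed version for
its branch (3.7.2, 3.8.3, 3.9.1). Sample configs and versions are constructed.
"""
import re
from typing import Dict, Tuple

# First fixed release per maintained branch, per the Apache advisory.
FIXED_BY_BRANCH: Dict[Tuple[int, int], Tuple[int, int, int]] = {
    (3, 7): (3, 7, 2),
    (3, 8): (3, 8, 3),
    (3, 9): (3, 9, 1),
}

# Constructed zoo.cfg samples: one with quorum SASL on, one left at defaults.
CFG_QUORUM_SASL = """\
tickTime=2000
dataDir=/var/lib/zookeeper
quorum.auth.enableSasl=true
quorum.auth.learnerRequireSasl=true
quorum.auth.serverRequireSasl=true
server.1=zk1.example.com:2888:3888
server.2=zk2.example.com:2888:3888
server.3=zk3.example.com:2888:3888
"""

CFG_DEFAULT = """\
tickTime=2000
dataDir=/var/lib/zookeeper
server.1=zk1.example.com:2888:3888
server.2=zk2.example.com:2888:3888
server.3=zk3.example.com:2888:3888
"""


def parse_version(version: str) -> Tuple[int, int, int]:
    """Accept '3.8.2' or '3.8.2-<suffix>' and return (major, minor, patch)."""
    m = re.match(r"^(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised ZooKeeper version: {version!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return major, minor, patch


def version_is_fixed(version: str) -> bool:
    """True if this upstream release contains the CVE-2023-44981 fix."""
    major, minor, patch = parse_version(version)
    branch = (major, minor)
    if branch in FIXED_BY_BRANCH:
        return (major, minor, patch) >= FIXED_BY_BRANCH[branch]
    # Branches before 3.7 never received a fix (upgrading is the only option);
    # anything newer than 3.9 was released after the fix.
    return branch > (3, 9)


def quorum_sasl_enabled(cfg_text: str) -> bool:
    """Read quorum.auth.enableSasl from zoo.cfg; an absent key means false."""
    for line in cfg_text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and key.strip() == "quorum.auth.enableSasl":
            return value.strip().lower() == "true"
    return False


def assess(cfg_text: str, version: str) -> str:
    """Classify an ensemble as 'not-exposed', 'vulnerable' or 'patched'."""
    if not quorum_sasl_enabled(cfg_text):
        # The bypass needs quorum SASL; without it the quorum links are
        # simply unauthenticated, so firewalling 2888/3888 still matters.
        return "not-exposed"
    return "patched" if version_is_fixed(version) else "vulnerable"


if __name__ == "__main__":
    for cfg_name, cfg in (("quorum-sasl", CFG_QUORUM_SASL), ("default", CFG_DEFAULT)):
        for v in ("3.4.13", "3.7.1", "3.8.2", "3.8.3", "3.9.0", "3.9.1"):
            print(f"{cfg_name:12} {v:8} {assess(cfg, v)}")
```

Two caveats when using this against a real ensemble: the version test is only meaningful for upstream builds, since distribution packages such as Debian's carry the fix under the old version string and must be judged by their changelog; and "not-exposed" means not exposed to this CVE, not that the quorum ports are safe to leave open.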

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

As of this report's date, CVE-2023-44981 is not listed in CISA's Known Exploited Vulnerabilities Catalog. Absence from the catalog means no confirmed in-the-wild exploitation has been recorded, not that the issue is low risk: it is rated critical, and the fix (upgrade to 3.9.1, 3.8.3, or 3.7.2, or firewall the ensemble's election/quorum communication) should still be applied promptly on any ensemble with quorum SASL authentication enabled.

Weakness Enumeration

This vulnerability is classified as CWE-639, Authorization Bypass Through User-Controlled Key. The "key" here is the instance part of the SASL authentication ID that a connecting peer presents: the peer chooses it, and because ZooKeeper's quorum authorization treated an absent instance as "nothing to check" rather than as a failed check, a peer could pick an ID without one and bypass the server-list comparison entirely.

Learn More

For a comprehensive understanding of the vulnerability, its severity, and technical details, refer to the NVD entry for CVE-2023-44981 and the Apache ZooKeeper security advisory.
