Vulnerabilities > CVE-2019-0201 - Missing Authorization vulnerability in multiple products

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
high complexity
apache
debian
redhat
oracle
netapp
CWE-862
nessus

Summary

An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string. DigestAuthenticationProvider overloads the Id field with the hash value that is used for user authentication. As a consequence, if Digest Authentication is in use, the unsalted hash value will be disclosed by getACL() request for unauthenticated or unprivileged users.

Vulnerable Configurations

Part Description Count
Application
Apache
74
Application
Redhat
1
Application
Oracle
8
Application
Netapp
1
OS
Debian
2
OS
Netapp
1
Hardware
Netapp
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-1_0-0237_ZOOKEEPER.NASL
    descriptionAn update of the zookeeper package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id126205
    published2019-06-25
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126205
    titlePhoton OS 1.0: Zookeeper PHSA-2019-1.0-0237
  • NASL familyMisc.
    NASL idAPACHE_ZOOKEEPER_3_5_5.NASL
    descriptionThe version of Apache ZooKeeper listening on the remote host is prior to 3.4.14 or 3.5.x prior to 3.5.5. It is, therefore, affected by an information disclosure vulnerability in ZooKeeper
    last seen2020-06-01
    modified2020-06-02
    plugin id125635
    published2019-05-31
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125635
    titleApache ZooKeeper < 3.4.14 / 3.5.x < 3.5.5 Information Disclosure
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4461.NASL
    descriptionHarrison Neil discovered that the getACL() command in Zookeeper, a service for maintaining configuration information, did not validate permissions, which could result in information disclosure.
    last seen2020-06-01
    modified2020-06-02
    plugin id125859
    published2019-06-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125859
    titleDebian DSA-4461-1 : zookeeper - security update
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1801.NASL
    descriptionIt was discovered that there was an information disclosure vulnerability in zookeeper, a distributed co-ordination server. Users who were not authorised to read data were able to view the access control list. For Debian 8
    last seen2020-06-01
    modified2020-06-02
    plugin id125407
    published2019-05-28
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125407
    titleDebian DLA-1801-1 : zookeeper security update

Redhat

advisories
  • rhsa
    idRHSA-2019:3140
  • rhsa
    idRHSA-2019:3892
  • rhsa
    idRHSA-2019:4352

References