[
https://issues.apache.org/jira/browse/HBASE-28178?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrew Kyle Purtell updated HBASE-28178:
----------------------------------------
Description:
CVE-2023-44981 is a high scoring (9.1/10) authentication bypass vulnerability
in ZooKeeper related to SASL quorum authentication. The bug is fixed in
versions 3.7.2, 3.8.3, and 3.9.1.
Upgrade ZK versions on all active branches. At least 3.7.2.
was:
CVE-2023-44981 is a high scoring (9.1/10) authorization bypass vulnerability in
ZooKeeper related to SASL quorum authentication. The bug is fixed in versions
3.7.2, 3.8.3, and 3.9.1.
Upgrade ZK versions on all active branches. At least 3.7.2.
> Upgrade ZooKeeper on all branches for CVE-2023-44981
> ----------------------------------------------------
>
> Key: HBASE-28178
> URL: https://issues.apache.org/jira/browse/HBASE-28178
> Project: HBase
> Issue Type: Task
> Reporter: Andrew Kyle Purtell
> Assignee: Andrew Kyle Purtell
> Priority: Major
> Fix For: 2.6.0, 2.4.18, 3.0.0-beta-1, 4.0.0-alpha-1, 2.5.7
>
>
> CVE-2023-44981 is a high scoring (9.1/10) authentication bypass vulnerability
> in ZooKeeper related to SASL quorum authentication. The bug is fixed in
> versions 3.7.2, 3.8.3, and 3.9.1.
> Upgrade ZK versions on all active branches. At least 3.7.2.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
