Lucene search
GoogleOSV:CVE-2020-17533HistoryDec 29, 2020 - 12:15 p.m.
CVE-2020-17533
2020-12-2912:15:12
Google
osv.dev
6
cve-2020-17533
apache accumulo
policy enforcement
administrative operations
security functions
authenticated user
permissions
table flushing
shutting down
configuration properties.
Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the ‘canFlush’ and ‘canPerformSystemActions’ security functions are not checked in some instances, therefore allowing an authenticated user with insufficient permissions to perform the following actions: flushing a table, shutting down Accumulo or an individual tablet server, and setting or removing system-wide Accumulo configuration properties.
Related
cvelist
cvelist
CVE-2020-17533 Apache Accumulo Improper Handling of Insufficient Permissions
2020-12-29 11:30:13
github
github
Improper privilege handling in Apache Accumulo
2022-02-09 22:37:59
osv
osv
Improper privilege handling in Apache Accumulo
2022-02-09 22:37:59
prion
prion
Code injection
2020-12-29 12:15:00
nvd
nvd
CVE-2020-17533
2020-12-29 12:15:12
cve
cve
CVE-2020-17533
2020-12-29 12:15:12
veracode
veracode
Authorization Bypass
2020-12-30 01:49:00