CVE-2015-1836

HIGH

IBM InfoSphere BigInsights 3.0-3.0.0.2 - Improper Access Control in ZooKeeper Coordination State

Title source: llm
STIX 2.1

Description

Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper coordination state, which allows remote attackers to cause a denial of service (daemon outage), obtain sensitive information, or modify data via unspecified client traffic.

References (4)

Core 4

Scores

CVSS v3 7.3
EPSS 0.0742
EPSS Percentile 93.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Details

CWE
CWE-284
Status published
Products (19)
apache/hbase 0.98.0
apache/hbase 0.98.1
apache/hbase 0.98.2
apache/hbase 0.98.3
apache/hbase 0.98.4
apache/hbase 0.98.5
apache/hbase 0.98.6
apache/hbase 0.98.6.1
apache/hbase 0.98.7
apache/hbase 0.98.8
... and 9 more
Published Dec 21, 2015
Tracked Since Feb 18, 2026