CVE-2025-58457

MEDIUM

Apache ZooKeeper <3.9.4 - Privilege Escalation

Title source: llm

Description

Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore command with insufficient permissions. This issue affects Apache ZooKeeper: from 3.9.0 before 3.9.4. Users are recommended to upgrade to version 3.9.4, which fixes the issue. The issue can be mitigated by disabling both commands (via admin.snapshot.enabled and admin.restore.enabled), disabling the whole AdminServer interface (via admin.enableServer), or ensuring that the root ACL does not provide open permissions. (Note that ZooKeeper ACLs are not recursive, so this does not impact operations on child nodes besides notifications from recursive watches.)

References (2)

[Mailing List, Vendor Advisory] https://lists.apache.org/thread/r5yol0kkhx2fzw22pxk1ozwm3oc6yxrx

[Mailing List] http://www.openwall.com/lists/oss-security/2025/09/24/10

Scores

CVSS v3 4.3

EPSS 0.0014

EPSS Percentile 33.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-280

Status published

Products (2)

apache/zookeeper 3.9.0 - 3.9.4

org.apache.zookeeper/zookeeper 3.9.0 - 3.9.4Maven

Published Sep 24, 2025

Tracked Since Feb 18, 2026