USN-6559-1
- Source
- https://ubuntu.com/security/notices/USN-6559-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6559-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-6559-1
- Upstream
- Related
- Published
- 2024-01-16T16:50:17.952009Z
- Modified
- 2025-10-13T04:36:43Z
- Summary
- zookeeper vulnerabilities
- Details
-
It was discovered that ZooKeeper incorrectly handled authorization for the getACL() command. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2019-0201)
Damien Diederen discovered that ZooKeeper incorrectly handled authorization if SASL Quorum Peer authentication is enabled. An attacker could possibly use this issue to bypass ZooKeeper's authorization system. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-44981)
- References
Affected packages
Ubuntu:Pro:14.04:LTS / zookeeper
Package
- Name
- zookeeper
- Purl
- pkg:deb/ubuntu/zookeeper@3.4.5+dfsg-1ubuntu0.1~esm3?arch=source&distro=trusty/esm
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.4.5+dfsg-1ubuntu0.1~esm3
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libzookeeper-java",
"binary_version": "3.4.5+dfsg-1ubuntu0.1~esm3"
},
{
"binary_name": "libzookeeper-mt-dev",
"binary_version": "3.4.5+dfsg-1ubuntu0.1~esm3"
},
{
"binary_name": "libzookeeper-mt2",
"binary_version": "3.4.5+dfsg-1ubuntu0.1~esm3"
},
{
"binary_name": "libzookeeper-st-dev",
"binary_version": "3.4.5+dfsg-1ubuntu0.1~esm3"
},
{
"binary_name": "libzookeeper-st2",
"binary_version": "3.4.5+dfsg-1ubuntu0.1~esm3"
},
{
"binary_name": "libzookeeper2",
"binary_version": "3.4.5+dfsg-1ubuntu0.1~esm3"
},
{
"binary_name": "python-zookeeper",
"binary_version": "3.4.5+dfsg-1ubuntu0.1~esm3"
},
{
"binary_name": "zookeeper",
"binary_version": "3.4.5+dfsg-1ubuntu0.1~esm3"
},
{
"binary_name": "zookeeper-bin",
"binary_version": "3.4.5+dfsg-1ubuntu0.1~esm3"
},
{
"binary_name": "zookeeperd",
"binary_version": "3.4.5+dfsg-1ubuntu0.1~esm3"
}
]
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"cves": [
{
"id": "CVE-2019-0201",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
},
{
"type": "Ubuntu",
"score": "low"
}
]
}
]
}
Ubuntu:Pro:16.04:LTS / zookeeper
Package
- Name
- zookeeper
- Purl
- pkg:deb/ubuntu/zookeeper@3.4.8-1ubuntu0.1~esm2?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.4.8-1ubuntu0.1~esm2
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libzookeeper-java",
"binary_version": "3.4.8-1ubuntu0.1~esm2"
},
{
"binary_name": "libzookeeper-mt-dev",
"binary_version": "3.4.8-1ubuntu0.1~esm2"
},
{
"binary_name": "libzookeeper-mt2",
"binary_version": "3.4.8-1ubuntu0.1~esm2"
},
{
"binary_name": "libzookeeper-st-dev",
"binary_version": "3.4.8-1ubuntu0.1~esm2"
},
{
"binary_name": "libzookeeper-st2",
"binary_version": "3.4.8-1ubuntu0.1~esm2"
},
{
"binary_name": "libzookeeper2",
"binary_version": "3.4.8-1ubuntu0.1~esm2"
},
{
"binary_name": "python-zookeeper",
"binary_version": "3.4.8-1ubuntu0.1~esm2"
},
{
"binary_name": "zookeeper",
"binary_version": "3.4.8-1ubuntu0.1~esm2"
},
{
"binary_name": "zookeeper-bin",
"binary_version": "3.4.8-1ubuntu0.1~esm2"
},
{
"binary_name": "zookeeperd",
"binary_version": "3.4.8-1ubuntu0.1~esm2"
}
]
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"cves": [
{
"id": "CVE-2019-0201",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
},
{
"type": "Ubuntu",
"score": "low"
}
]
}
]
}
Ubuntu:Pro:18.04:LTS / zookeeper
Package
- Name
- zookeeper
- Purl
- pkg:deb/ubuntu/zookeeper@3.4.13-3ubuntu0.1~esm1?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.4.13-3ubuntu0.1~esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libzookeeper-java",
"binary_version": "3.4.13-3ubuntu0.1~esm1"
},
{
"binary_name": "libzookeeper-mt-dev",
"binary_version": "3.4.13-3ubuntu0.1~esm1"
},
{
"binary_name": "libzookeeper-mt2",
"binary_version": "3.4.13-3ubuntu0.1~esm1"
},
{
"binary_name": "libzookeeper-st-dev",
"binary_version": "3.4.13-3ubuntu0.1~esm1"
},
{
"binary_name": "libzookeeper-st2",
"binary_version": "3.4.13-3ubuntu0.1~esm1"
},
{
"binary_name": "python-zookeeper",
"binary_version": "3.4.13-3ubuntu0.1~esm1"
},
{
"binary_name": "zookeeper",
"binary_version": "3.4.13-3ubuntu0.1~esm1"
},
{
"binary_name": "zookeeper-bin",
"binary_version": "3.4.13-3ubuntu0.1~esm1"
},
{
"binary_name": "zookeeperd",
"binary_version": "3.4.13-3ubuntu0.1~esm1"
}
]
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"cves": [
{
"id": "CVE-2023-44981",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}
Ubuntu:20.04:LTS / zookeeper
Package
- Name
- zookeeper
- Purl
- pkg:deb/ubuntu/zookeeper@3.4.13-5ubuntu0.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.4.13-5ubuntu0.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libzookeeper-java",
"binary_version": "3.4.13-5ubuntu0.1"
},
{
"binary_name": "libzookeeper-mt-dev",
"binary_version": "3.4.13-5ubuntu0.1"
},
{
"binary_name": "libzookeeper-mt2",
"binary_version": "3.4.13-5ubuntu0.1"
},
{
"binary_name": "libzookeeper-st-dev",
"binary_version": "3.4.13-5ubuntu0.1"
},
{
"binary_name": "libzookeeper-st2",
"binary_version": "3.4.13-5ubuntu0.1"
},
{
"binary_name": "python3-zookeeper",
"binary_version": "3.4.13-5ubuntu0.1"
},
{
"binary_name": "zookeeper",
"binary_version": "3.4.13-5ubuntu0.1"
},
{
"binary_name": "zookeeper-bin",
"binary_version": "3.4.13-5ubuntu0.1"
},
{
"binary_name": "zookeeperd",
"binary_version": "3.4.13-5ubuntu0.1"
}
]
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:20.04:LTS",
"cves": [
{
"id": "CVE-2023-44981",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}
Ubuntu:22.04:LTS / zookeeper
Package
- Name
- zookeeper
- Purl
- pkg:deb/ubuntu/zookeeper@3.4.13-6ubuntu4.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.4.13-6ubuntu4.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libzookeeper-java",
"binary_version": "3.4.13-6ubuntu4.1"
},
{
"binary_name": "libzookeeper-mt-dev",
"binary_version": "3.4.13-6ubuntu4.1"
},
{
"binary_name": "libzookeeper-mt2",
"binary_version": "3.4.13-6ubuntu4.1"
},
{
"binary_name": "libzookeeper-st-dev",
"binary_version": "3.4.13-6ubuntu4.1"
},
{
"binary_name": "libzookeeper-st2",
"binary_version": "3.4.13-6ubuntu4.1"
},
{
"binary_name": "python3-zookeeper",
"binary_version": "3.4.13-6ubuntu4.1"
},
{
"binary_name": "zookeeper",
"binary_version": "3.4.13-6ubuntu4.1"
},
{
"binary_name": "zookeeper-bin",
"binary_version": "3.4.13-6ubuntu4.1"
},
{
"binary_name": "zookeeperd",
"binary_version": "3.4.13-6ubuntu4.1"
}
]
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:22.04:LTS",
"cves": [
{
"id": "CVE-2023-44981",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}