CVE-2024-51504

CVSS 3.1 Score 9.1 of 10 (critical)

Details

Published: Nov 7, 2024
Updated: Nov 8, 2024
CWE ID 290 (Authentication Bypass by Spoofing)

Summary

CVE-2024-51504 is an authentication bypass in the IPAuthenticationProvider used by the Apache ZooKeeper Admin Server. The provider's default client-IP detection takes the address from HTTP request headers rather than from the TCP connection. The X-Forwarded-For header, which reverse proxies add to record the originating client, is written by whoever sends the request; a client that connects directly can put a trusted address (a loopback or allow-listed IP) into it, and the provider treats the request as coming from that address. Successful exploitation lets an attacker with network access to the Admin Server run administration commands that are gated on client IP, including snapshot and restore, which can leak data or disrupt the service. Apache ZooKeeper 3.9.0 before 3.9.3 is affected; upgrade to 3.9.3. Until then, keep the Admin Server (HTTP, port 8080 by default) off untrusted networks or disable it with zookeeper.admin.enableServer=false, and trust X-Forwarded-For only when the connecting peer is a proxy you control.
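The following is an added illustration of the header-trust problem described above; it is not ZooKeeper's IPAuthenticationProvider code. The weak resolver follows the pattern the advisory describes (the X-Forwarded-For header decides the client IP); the hardened resolver honours the header only when the TCP peer is a proxy under our control and walks the chain from the right. The allow-list, the proxy addresses, the request samples and the function names are all constructed for the example.

```python
"""Modelled X-Forwarded-For handling for the CVE-2024-51504 bypass.

Added illustration; not ZooKeeper's IPAuthenticationProvider. The weak
resolver follows the pattern the advisory describes (the header decides the
client IP). The hardened resolver only honours the header when the TCP peer
is a proxy we control. Addresses and allow-lists below are constructed.
"""
import ipaddress

# Constructed policy: which client IPs may run admin commands (snapshot/restore).
ADMIN_ALLOWLIST = [
    ipaddress.ip_network("127.0.0.0/8"),
    ipaddress.ip_network("192.168.1.0/24"),  # assumed ops jump-host subnet
]

# Constructed set of reverse proxies that legitimately append X-Forwarded-For.
TRUSTED_PROXIES = {ipaddress.ip_address("10.0.0.5"), ipaddress.ip_address("10.0.0.6")}


def _header(headers, name):
    """Case-insensitive header lookup; returns "" when absent."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return ""


def weak_client_ip(remote_addr, headers):
    """Vulnerable pattern: if X-Forwarded-For is present, its first entry is
    taken as the client, no matter who actually opened the connection.
    Any client can send that header, so it can name any address it likes."""
    xff = _header(headers, "X-Forwarded-For")
    if xff.strip():
        return xff.split(",")[0].strip()
    return remote_addr


def hardened_client_ip(remote_addr, headers, trusted_proxies=TRUSTED_PROXIES):
    """Hardened pattern: the header is ignored unless the TCP peer is a
    trusted proxy. Then walk the chain from the right (the hop nearest to
    us), skip proxies we trust, and return the first address that a trusted
    proxy recorded as its own peer. Entries the client put further left are
    never reached; an unparseable entry drops back to the TCP peer."""
    if ipaddress.ip_address(remote_addr) not in trusted_proxies:
        return remote_addr
    hops = [h.strip() for h in _header(headers, "X-Forwarded-For").split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            return remote_addr
        if addr not in trusted_proxies:
            return hop
    return remote_addr


def is_admin_allowed(client_ip, allowlist=ADMIN_ALLOWLIST):
    """Allow-list check against CIDR ranges; malformed input is denied."""
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:
        return False
    return any(addr in net for net in allowlist)


def authorize(remote_addr, headers, resolver):
    """Gate an admin command on the client IP produced by the given resolver."""
    return is_admin_allowed(resolver(remote_addr, headers))


if __name__ == "__main__":
    # Constructed request 1: attacker at 192.0.2.10 talks to the Admin Server
    # directly and forges the header to claim loopback.
    spoof = ("192.0.2.10", {"X-Forwarded-For": "127.0.0.1"})
    # Constructed request 2: attacker at 198.51.100.7 goes through the real
    # proxy 10.0.0.5, which appends its peer after the forged entry.
    via_proxy = ("10.0.0.5", {"X-Forwarded-For": "192.168.1.20, 198.51.100.7"})
    for name, req in (("direct spoof", spoof), ("spoof via proxy", via_proxy)):
        print(f"{name}: weak={authorize(*req, weak_client_ip)} "
              f"hardened={authorize(*req, hardened_client_ip)}")
```

Both constructed requests pass the weak resolver and fail the hardened one. For detection, log the TCP peer address next to the X-Forwarded-For value on Admin Server requests and alert when the header is present on a connection that did not come from one of the configured proxies.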

