Rewterz Threat Alert – Credential Stealer Targeting Banks in US, Canada and India
December 29, 2020Rewterz Threat Alert – Trickbot – IOCs
December 30, 2020Rewterz Threat Alert – Credential Stealer Targeting Banks in US, Canada and India
December 29, 2020Rewterz Threat Alert – Trickbot – IOCs
December 30, 2020Severity
High
Analysis Summary
CVE-2020-17533
Apache Accumulo could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper validation of the return value of some policy enforcement functions. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain administrative privileges to flushing a table, shutting down Accumulo or an individual tablet server, and setting or removing system-wide Accumulo configuration properties.
Impact
Privilege escalation
Affected Vendors
Apache
Affected Products
- Apache Accumulo 1.5.0
- Apache Accumulo 1.10.0
- Apache Accumulo 2.0.0
Remediation
Upgrade to the latest version of Apache Accumulo (1.10.1, 2.0.1 or later).