CVE-2017-5637
Description
Two four letter word commands wchp/wchc are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10, 3.5.3, and later.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
17.446
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2017-5637,CVE-2018-8012 are fixed in Apache-zookeeper 3.4.10 | Windows |
| Vulnerabilities CVE-2017-5637 are fixed in Apache-zookeeper 3.5.3 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.4 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.5 | Windows |
| Vulnerabilities CVE-2017-5637,CVE-2018-8012 are fixed in Apache-zookeeper for Linux 3.4.10 | Linux |
| Vulnerabilities CVE-2017-5637 are fixed in Apache-zookeeper for Linux 3.5.3 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234