Critical severityNVD Advisory· Published Jun 21, 2023· Updated Oct 9, 2024
Apache Accumulo: Accumulo 2.1.0 may incorrectly validate cached credentials
CVE-2023-34340
Description
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0.
Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.accumulo:accumulo-shellMaven | >= 2.1.0, < 2.1.1 | 2.1.1 |
Affected products
2Patches
Vulnerability mechanics
References
9- github.com/advisories/GHSA-hp5w-w29m-vg63ghsaADVISORY
- lists.apache.org/thread/syy6jftvy9l6tlhn33o0rzwhh4rd0z4tghsavendor-advisorymailing-listWEB
- nvd.nist.gov/vuln/detail/CVE-2023-34340ghsaADVISORY
- accumulo.apache.org/release/accumulo-2.1.1ghsaWEB
- accumulo.apache.org/release/accumulo-2.1.1/mitrerelease-notes
- github.com/apache/accumulo/commit/0f2389735fd32e0bbc93ecde5d8c814b275b21b5ghsaWEB
- github.com/apache/accumulo/issues/3427ghsaWEB
- github.com/apache/accumulo/issues/3433ghsaWEB
- github.com/apache/accumulo/pull/3440ghsaWEB
News mentions
0No linked articles in our index yet.