7.3

CVSS Score

3.0

Basic Information

CVE ID

CVE-2015-1836

GHSA ID

GHSA-p8xr-4v2c-rvgp

EPSS Score

0.83463%

CWE

CWE-284

Published

10/18/2018

Updated

1/9/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2015-1836

CVE-2015-1836:
High severity vulnerability that affects org.apache.hbase:hbase

Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper coordination state, which allows remote attackers to cause a denial of service (daemon outage), obtain sensitive information, or modify data via unspecified client traffic.

(GitHub Advisory)

7.3

CVSS Score

3.0

Basic Information

CVE ID

CVE-2015-1836

GHSA ID

GHSA-p8xr-4v2c-rvgp

EPSS Score

0.83463%

CWE

CWE-284

Published

10/18/2018

Updated

1/9/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.hbase:hbase	maven	= 1.1.0	1.1.0.1
org.apache.hbase:hbase	maven	>= 0.98, <= 0.98.12.0	0.98.12.1
org.apache.hbase:hbase	maven	>= 1.0.0, <= 1.0.1.0	1.0.1.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper security detection in ZKUtil.isSecureZooKeeper() which controls ZooKeeper ACL assignments. The patched commits show critical modifications to the security validation logic:

Expanded JAAS configuration checks from just 'Client' to include Kerberos-specific entries
Removed the keytab file presence requirement from the security check These changes indicate the original function was failing to properly detect secure configurations, leading to weak ACLs. During exploitation, this function would be actively involved in security evaluation, making it appear in stack traces when ZooKeeper ACLs are being set. The function's incorrect security assessment directly enabled the improper access control described in CVE-2015-1836.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*p**** ***s* *.** ***or* *.**.**.*, *.* ***or* *.*.*.*, *n* *.* ***or* *.*.*.*, *s us** in I*M In*oSp**r* *i*Insi**ts *.*, *.*.*.*, *n* *.*.*.* *n* ot**r pro*u*ts, us*s in*orr**t **Ls *or ZooK**p*r *oor*in*tion st*t*, w*i** *llows r*mot* *tt**k*rs to

Reasoning

T** vuln*r**ility st*ms *rom improp*r s**urity **t**tion in ZKUtil.isS**ur*ZooK**p*r() w*i** *ontrols ZooK**p*r **L *ssi*nm*nts. T** p*t**** *ommits s*ow *riti**l mo*i*i**tions to t** s**urity v*li**tion lo*i*: *. *xp*n*** J**S *on*i*ur*tion ****ks *

7.3

Basic Information

Concerned about an active attack path?

CVE-2015-1836: High severity vulnerability that affects org.apache.hbase:hbase

7.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2015-1836:
High severity vulnerability that affects org.apache.hbase:hbase

Vulnerability Intelligence
Miggo AI