Vulnerabilities

CVE-2026-24308 - Apache ZooKeeper: Sensitive information disclosure in client configuration handling

2026-03-07 0 views admin

CVE ID :CVE-2026-24308 Published : March 7, 2026, 9:16 a.m. | 24 minutes ago Description :Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO level logging rendering potential production systems affected by the issue. Users are recommended to upgrade to version 3.8.6 or 3.9.5 which fixes this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-24308

Published

March 7, 2026

Affected Product: Apache

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-24308apache

CVE-2026-24308 - Apache ZooKeeper: Sensitive information disclosure in client configuration handling

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-14675 - Meta Box <= 5.11.1 - authenticated (contributor+) arbitrary file deletion

CVE-2026-1073 - Purchase Button For Affiliate Link <= 1.0.2 - cross-site request forgery to setti...

CVE-2026-1071 - Carta Online <= 2.13.0 - authenticated (administrator+) stored cross-site scripti...

CVE-2026-1087 - The Guardian News Feed <= 1.2 - cross-site request forgery to settings update

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting