Vulnerability Name: CVE-2017-5637 (CCN-121602)

Assigned: 2017-02-07
Published: 2017-02-07
Updated: 2021-07-20
Summary: Two four-letter-word commands, "wchp" and "wchc", are CPU intensive and, if abused, can cause a spike in CPU utilization on an Apache ZooKeeper server, leaving the server unable to serve legitimate client requests. Apache ZooKeeper through versions 3.4.9 and 3.5.2 suffers from this issue; it is fixed in 3.4.10, 3.5.3, and later.
CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:R)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): High
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:U/RC:R)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Low
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
Vulnerability Type: CWE-400
CWE-306
Vulnerability Consequences: Denial of Service
References:
Source: MITRE
Type: CNA
CVE-2017-5637

Source: DEBIAN
Type: Third Party Advisory
DSA-3871

Source: CCN
Type: IBM Security Bulletin 2016157 (Multi-Cloud Data Encryption)
Multi-Cloud Data Encryption (MDE) is using components with Known Vulnerabilities

Source: BID
Type: VDB Entry, Third Party Advisory
98814

Source: CCN
Type: BID-98814
Apache Zookeeper CVE-2017-5637 Denial of Service Vulnerability

Source: CCN
Type: Apache Web site
Apache ZooKeeper

Source: REDHAT
Type: UNKNOWN
RHSA-2017:2477

Source: REDHAT
Type: UNKNOWN
RHSA-2017:3354

Source: REDHAT
Type: UNKNOWN
RHSA-2017:3355

Source: XF
Type: UNKNOWN
zookeeper-wchp-dos(121602)

Source: CONFIRM
Type: Issue Tracking, Mitigation, Vendor Advisory
https://issues.apache.org/jira/browse/ZOOKEEPER-2693

Source: MLIST
Type: UNKNOWN
[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar

Source: CCN
Type: Apache Web site
CVE-2017-5637: DOS attack on wchp/wchc four letter words (4lw)

Source: MLIST
Type: Mailing List, Vendor Advisory
[dev] 20171009 [SECURITY] CVE-2017-5637: DOS attack on wchp/wchc four letter words (4lw)

Source: MLIST
Type: UNKNOWN
[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html

Source: MLIST
Type: UNKNOWN
[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [02-07-2017]

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [07-02-2017]

Source: CCN
Type: IBM Security Bulletin 6198380 (DB2 for Linux- UNIX and Windows)
Multiple vulnerabilities in dependent libraries affect IBM Db2 leading to denial of service or privilege escalation.

Source: CCN
Type: IBM Security Bulletin 6210366 (Monitoring)
Multiple vulnerabilities have been identified in DB2 that affect the IBM Performance Management product

Source: CCN
Type: IBM Security Bulletin 6444895 (Db2 Warehouse)
IBM Db2 Warehouse has released a fix in response to multiple vulnerabilities found in IBM Db2

Source: CCN
Type: IBM Security Bulletin 6491163 (Planning Analytics)
IBM Planning Analytics Workspace is affected by security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6605881 (PureData System for Operational Analytics)
Multiple security vulnerabilities have been identified in IBM DB2 shipped with IBM PureData System for Operational Analytics

Source: MISC
Type: UNKNOWN
https://www.oracle.com/security-alerts/cpujul2020.html

Source: CCN
Type: Oracle CPUJul2021
Oracle Critical Patch Update Advisory - July 2021

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:apache:zookeeper:3.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:zookeeper:3.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:zookeeper:3.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:zookeeper:3.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:zookeeper:3.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:zookeeper:3.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:zookeeper:3.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:zookeeper:3.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:zookeeper:3.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:zookeeper:3.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:zookeeper:3.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:zookeeper:3.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:zookeeper:3.4.0:*:*:*:*:*:*:*

Configuration 2:
  • cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:apache:zookeeper:3.5.2:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:db2:11.1:*:*:*:*:linux:*:*
  • OR cpe:/a:ibm:db2:11.1:*:*:*:*:unix:*:*
  • OR cpe:/a:ibm:db2:11.1:*:*:*:*:windows:*:*
  • OR cpe:/a:ibm:monitoring:8.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:multi-cloud_data_encryption:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2:11.5:*:*:*:*:linux:*:*
  • OR cpe:/a:ibm:db2:11.5:*:*:*:*:unix:*:*
  • OR cpe:/a:ibm:db2:11.5:*:*:*:*:windows:*:*
  • OR cpe:/a:ibm:planning_analytics:2.0:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions (Class: V = vulnerability definition, P = patch definition)

Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20175637 | V | CVE-2017-5637 | 2022-05-22
oval:org.opensuse.security:def:59878 | P | Security update for apache2 (Important) | 2022-01-12
oval:org.opensuse.security:def:60440 | P | Security update for chrony (Moderate) | 2021-12-22
oval:org.opensuse.security:def:60344 | P | Security update for spectre-meltdown-checker (Moderate) | 2021-08-27
oval:org.opensuse.security:def:59744 | P | Security update for the Linux Kernel (Important) | 2021-06-08
oval:org.opensuse.security:def:60228 | P | Security update for clamav (Important) | 2021-04-13
oval:org.opensuse.security:def:60485 | P | Security update for openssl-1_1 (Important) | 2021-03-25
oval:org.opensuse.security:def:59448 | P | Security update for MozillaFirefox (Critical) | 2020-12-21
oval:org.opensuse.security:def:59442 | P | Security update for mutt (Important) | 2020-12-07
oval:org.opensuse.security:def:59695 | P | Security update for python-setuptools (Important) | 2020-12-02
oval:org.opensuse.security:def:59040 | P | Security update for dbus-1 (Important) | 2020-12-01
oval:org.opensuse.security:def:60863 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:60522 | P | python-libxml2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:60185 | P | Security update for krb5 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:59261 | P | Security update for squid (Important) | 2020-12-01
oval:org.opensuse.security:def:60649 | P | Security update for samba (Important) | 2020-12-01
oval:org.opensuse.security:def:60603 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:59284 | P | Security update for freeradius-server (Moderate) | 2020-12-01
oval:org.opensuse.security:def:60677 | P | Security update for ardana-ansible, ardana-barbican, ardana-db, ardana-monasca, ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core, crowbar-ha, crowbar-openstack, documentation-suse-openstack-cloud, memcached, openstack-manila, openstack-neutron, openstack-nova, pdns, python-amqp, rubygem-puma, zookeeper (Moderate) | 2020-12-01
oval:org.opensuse.security:def:60784 | P | Security update for sane-backends (Important) | 2020-12-01
oval:org.opensuse.security:def:59018 | P | Security update for ucode-intel (Important) | 2020-12-01
oval:org.opensuse.security:def:60913 | P | Security update for libssh2_org (Moderate) | 2020-12-01
oval:org.opensuse.security:def:59996 | P | Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP2) (Important) | 2020-12-01
oval:org.opensuse.security:def:59196 | P | Security update for clamav (Important) | 2020-12-01
oval:org.opensuse.security:def:60942 | P | Security update for ardana-ansible, ardana-barbican, ardana-db, ardana-monasca, ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core, crowbar-ha, crowbar-openstack, documentation-suse-openstack-cloud, memcached, openstack-manila, openstack-neutron, openstack-nova, pdns, python-amqp, rubygem-puma, zookeeper (Moderate) | 2020-12-01
oval:org.opensuse.security:def:60560 | P | unzip on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:59629 | P | Security update for java-1_7_0-openjdk (Important) | 2020-12-01
oval:org.opensuse.security:def:59262 | P | Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP2) (Important) | 2020-12-01
oval:org.opensuse.security:def:60599 | P | Security update for dnsmasq (Moderate) | 2020-12-01
oval:org.opensuse.security:def:60700 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:59929 | P | Security update for python3 (Important) | 2020-12-01
oval:org.opensuse.security:def:59017 | P | Security update for java-1_8_0-openjdk (Important) | 2020-12-01
oval:org.opensuse.security:def:60822 | P | Security update for python-aws-sam-translator, python-boto3, python-botocore, python-cfn-lint, python-jsonschema, python-nose2, python-parameterized, python-pathlib2, python-pytest-cov, python-requests, python-s3transfer (Moderate) | 2020-12-01
oval:org.opensuse.security:def:84395 | P | Security update for ardana-ansible, ardana-barbican, ardana-db, ardana-monasca, ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core, crowbar-ha, crowbar-openstack, documentation-suse-openstack-cloud, memcached, openstack-manila, openstack-neutron, openstack-nova, pdns, python-amqp, rubygem-puma, zookeeper (Moderate) | 2020-04-22
oval:org.opensuse.security:def:83943 | P | Security update for ardana-ansible, ardana-barbican, ardana-db, ardana-monasca, ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core, crowbar-ha, crowbar-openstack, documentation-suse-openstack-cloud, memcached, openstack-manila, openstack-neutron, openstack-nova, pdns, python-amqp, rubygem-puma, zookeeper (Moderate) | 2020-04-22
oval:com.ubuntu.xenial:def:201756370000000 | V | CVE-2017-5637 on Ubuntu 16.04 LTS (xenial) - medium. | 2017-10-10
oval:com.ubuntu.disco:def:201756370000000 | V | CVE-2017-5637 on Ubuntu 19.04 (disco) - medium. | 2017-10-10
oval:com.ubuntu.bionic:def:201756370000000 | V | CVE-2017-5637 on Ubuntu 18.04 LTS (bionic) - medium. | 2017-10-10
oval:com.ubuntu.artful:def:20175637000 | V | CVE-2017-5637 on Ubuntu 17.10 (artful) - medium. | 2017-10-09
oval:com.ubuntu.xenial:def:20175637000 | V | CVE-2017-5637 on Ubuntu 16.04 LTS (xenial) - medium. | 2017-10-09
oval:com.ubuntu.bionic:def:20175637000 | V | CVE-2017-5637 on Ubuntu 18.04 LTS (bionic) - medium. | 2017-10-09
oval:com.ubuntu.cosmic:def:201756370000000 | V | CVE-2017-5637 on Ubuntu 18.10 (cosmic) - medium. | 2017-10-09
oval:com.ubuntu.cosmic:def:20175637000 | V | CVE-2017-5637 on Ubuntu 18.10 (cosmic) - medium. | 2017-10-09
oval:com.ubuntu.trusty:def:20175637000 | V | CVE-2017-5637 on Ubuntu 14.04 LTS (trusty) - medium. | 2017-10-09