Skip to main content

DNS CVE-2026-24281

HIGH
Improper Certificate Validation (CWE-295)
2026-03-07 security@apache.org GHSA-7xrh-hqfc-g7qr
Apache DNS Red Hat Zookeeper
7.4
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

3
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Mar 07, 2026 - 09:16 nvd
HIGH 7.4

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 460 maven packages depend on org.apache.zookeeper:zookeeper (89 direct, 372 indirect)

Ecosystem-wide dependent count for version 3.8.0.

DescriptionNVD

Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS (PTR) when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper servers or clients with a valid certificate for the PTR name. It's important to note that attacker must present a certificate which is trusted by ZKTrustManager which makes the attack vector harder to exploit. Users are recommended to upgrade to version 3.8.6 or 3.9.5, which fixes this issue by introducing a new configuration option to disable reverse DNS lookup in client and quorum protocols.

AnalysisAI

Hostname verification bypass in Apache ZooKeeper's ZKTrustManager allows attackers with a valid certificate trusted by the server to impersonate ZooKeeper nodes by exploiting fallback to reverse DNS validation when IP SAN checks fail. An attacker controlling or spoofing PTR records can intercept and forge communications between ZooKeeper servers and clients, compromising confidentiality and integrity of the cluster. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Inventory all ZooKeeper instances and document network exposure; assess whether PTR records are controlled by trusted infrastructure. Within 7 days: Implement network segmentation to restrict ZooKeeper communication to trusted internal networks only; disable reverse DNS lookups in ZooKeeper configuration if possible. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

More from same product – last 7 days

CVE-2025-48977 HIGH
8.5 May 28

Path traversal in Apache Ignite 2.0.0 through 2.17.0 lets authenticated REST API users read arbitrary files on the serve
CVE-2026-9277 HIGH
8.1 May 22

Command injection in the shell-quote npm package allows attackers who can influence object-token inputs to inject arbitr
CVE-2026-9256 HIGH
8.1 May 22

Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers
CVE-2026-42782 HIGH
7.2 May 25

Code execution via Groovy sandbox bypass in Apache Syncope 3.0 through 3.0.16, 4.0 through 4.0.5, and 4.1.0 allows a hig
CVE-2026-43827 MEDIUM
5.9 May 25

Default configurations of Apache Shiro have a session fixation vulnerability. This issue affects Apache Shiro from 1.0

Vendor StatusVendor

Share

CVE-2026-24281 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy