DX Operational Intelligence

 View Only

Zookeeper Vulnerability in DX OI Connector server

  • 1.  Zookeeper Vulnerability in DX OI Connector server

    Posted Aug 02, 2024 03:57 PM

    Hello All,

    It is about Apache Zookeeper ACLs Vulnerability on DX OI Connector Server. (OS RHEL)

    It was suggested to follow below link for resolution of the vulnerability QID-38780.(Please refer to the highlighted case for Vulnerability details).

    As per KB198504, It was suggested to enable ACLs for all nodes using the link "https://lucene.apache.org/solr/guide/6_6/zookeeper-access-control.html" (Link-A) where there is no mention of steps to enable ACLs.

    Has anyone tried this? Support is not providing any help on this.

    If anyone has tried this in their environment, please provide me with steps as Broadcom support does not have any idea on effect or steps to clear the Vulnerability.