Analytics: Security vulnerability in Zookeeper module

book

Article ID: 198504

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine CA Automic Workload Automation - Automation Engine CA Automic One Automation

Issue/Introduction

During a security review, Analytics may respond as a risk when no ACLs are used.
This may show up as Apache Zookeeper Common/Default Nodes Accessible Without ACL

Environment

Release : 12.3

Component : Analytics (ANOP)

Resolution

Activating ACLs in Zookeeper is explained here:

https://lucene.apache.org/solr/guide/6_6/zookeeper-access-control.html