Improper Access Control in Apache Accumulo by Apache
CVE-2026-62764

5.7MEDIUM

Key Information:

Vendor

Apache

Vendor
CVE Published:
17 July 2026

What is CVE-2026-62764?

An authentication flaw in Apache Accumulo allows low-privileged users, who lack sufficient system permissions, to remotely issue commands that can gracefully shut down essential system components such as the compaction-coordinator, compactor, garbage collector, manager, monitor, tserver, or sserver. This potentially leads to a denial of service, interrupting normal operations. Users of affected versions 2.1.4 and 2.1.5 are advised to upgrade to version 2.1.6, which addresses this concern.

Affected Version(s)

Apache Accumulo 2.1.4 <= 2.1.5

References

CVSS V4

Score:
5.7
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Fabian Fleischer
.