Improper Handling of Insufficient Privileges vulnerability in Apache Accumulo. An authenticated, but low-privileged user without system permissions may issue a remote command to gracefully shutdown system components (compaction-coordinator, compactor, gc, manager, monitor, tserver, or sserver), leading to a denial of service. This issue affects Apache Accumulo 2.1.4 and 2.1.5. Users are recommended to upgrade to version 2.1.6, which fixes the issue.
History

Fri, 17 Jul 2026 10:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 17 Jul 2026 09:00:00 +0000

Type Values Removed Values Added
Description Improper Handling of Insufficient Privileges vulnerability in Apache Accumulo. An authenticated, but low-privileged user without system permissions may issue a remote command to gracefully shutdown system components (compaction-coordinator, compactor, gc, manager, monitor, tserver, or sserver), leading to a denial of service. This issue affects Apache Accumulo 2.1.4 and 2.1.5. Users are recommended to upgrade to version 2.1.6, which fixes the issue.
Title Apache Accumulo: A user can trigger a graceful shutdown of services without the relevant system permissions
Weaknesses CWE-274
References
Metrics cvssV4_0

{'score': 5.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:Y/R:U/V:D/RE:L/U:Green'}


cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2026-07-17T10:07:38.455Z

Reserved: 2026-07-14T21:02:12.369Z

Link: CVE-2026-62764

cve-icon Vulnrichment

Updated: 2026-07-17T08:48:08.750Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.