Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-3427 | 8 Apache, Canonical, Debian and 5 more | 38 Cassandra, Ubuntu Linux, Debian Linux and 35 more | 2024-06-27 | 10.0 HIGH | 9.8 CRITICAL |
| Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | |||||
| CVE-2023-30601 | 1 Apache | 1 Cassandra | 2024-02-04 | N/A | 7.8 HIGH |
| Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be exploitable, disable access for any non-trusted users. MITIGATION Upgrade to 4.0.10 or 4.1.2 and leave the new FQL/Auditlog configuration property allow_nodetool_archive_command as false. | |||||
| CVE-2021-44521 | 1 Apache | 1 Cassandra | 2024-02-04 | 8.5 HIGH | 9.1 CRITICAL |
| When running Apache Cassandra with the following configuration: enable_user_defined_functions: true enable_scripted_user_defined_functions: true enable_user_defined_functions_threads: false it is possible for an attacker to execute arbitrary code on the host. The attacker would need to have enough permissions to create user defined functions in the cluster to be able to exploit this. Note that this configuration is documented as unsafe, and will continue to be considered unsafe after this CVE. | |||||
| CVE-2020-17516 | 1 Apache | 1 Cassandra | 2024-02-04 | 4.3 MEDIUM | 7.5 HIGH |
| Apache Cassandra versions 2.1.0 to 2.1.22, 2.2.0 to 2.2.19, 3.0.0 to 3.0.23, and 3.11.0 to 3.11.9, when using 'dc' or 'rack' internode_encryption setting, allows both encrypted and unencrypted internode connections. A misconfigured node or a malicious user can use the unencrypted connection despite not being in the same rack or dc, and bypass mutual TLS requirement. | |||||
| CVE-2020-13946 | 2 Apache, Netapp | 2 Cassandra, Oncommand Insight | 2024-02-04 | 4.3 MEDIUM | 5.9 MEDIUM |
| In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorised operations. Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables this issue to be exploited remotely. | |||||
| CVE-2018-8016 | 1 Apache | 1 Cassandra | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. This issue is a regression of CVE-2015-0225. The regression was introduced in https://issues.apache.org/jira/browse/CASSANDRA-12109. The fix for the regression is implemented in https://issues.apache.org/jira/browse/CASSANDRA-14173. This fix is contained in the 3.11.2 release of Apache Cassandra. | |||||
| CVE-2016-4970 | 3 Apache, Netty, Redhat | 4 Cassandra, Netty, Jboss Data Grid and 1 more | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
| handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop). | |||||
| CVE-2015-0225 | 1 Apache | 1 Cassandra | 2024-02-04 | 7.5 HIGH | N/A |
| The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. | |||||