Lucene search
CVE-2018-8016
The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all network interfaces, allowing remote attackers to execute arbitrary Java code via an RMI request
Show more
| Reporter | Title | Published | Views | Family All 23 |
|---|---|---|---|---|
 | Missing Authentication for Critical Function in Apache Cassandra | 13 May 202201:53 | – | osv |
| Improper Neutralization of Special Elements used in a Command in Apache Cassandra | 14 May 202202:49 | – | osv |
 | Default configuration | 28 Jun 201816:29 | – | prion |
| Default configuration | 3 Apr 201514:59 | – | prion |
 | CVE-2018-8016 | 28 Jun 201816:00 | – | cvelist |
| CVE-2015-0225 | 3 Apr 201514:00 | – | cvelist |
 | CVE-2018-8016 | 28 Jun 201816:29 | – | nvd |
| CVE-2015-0225 | 3 Apr 201514:59 | – | nvd |
 | Remote Code Execution (RCE) | 26 Jun 201807:42 | – | veracode |
| Remote Code Execution (RCE) | 12 Dec 201908:16 | – | veracode |
10
[
{
"product": "Apache Cassandra",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache Cassandra 3.8 to 3.11.1"
}
]
}
]Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo28 Jun 2018 16:29Current
9.5High risk
Vulners AI Score9.5
CVSS27.5
CVSS39.8
EPSS0.00573