Lucene search
RedhatCVELIST:CVE-2015-0225HistoryApr 03, 2015 - 2:00 p.m.
CVE-2015-0225
2015-04-0314:00:00
redhat
www.cve.org
3
The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.
References
packetstormsecurity.com/files/131249/Apache-Cassandra-Remote-Code-Execution.html
rhn.redhat.com/errata/RHSA-2015-1947.html
www.mail-archive.com/user%40cassandra.apache.org/msg41819.html
www.securityfocus.com/archive/1/535154/100/0/threaded
www.securityfocus.com/bid/73478
www.securitytracker.com/id/1034002
Related
nvd
nvd
CVE-2015-0225
2015-04-03 14:59:00
CVE-2018-8016
2018-06-28 16:29:00
veracode
veracode
Remote Code Execution (RCE)
2019-12-12 08:16:04
Remote Code Execution (RCE)
2018-06-26 07:42:20
cve
cve
CVE-2015-0225
2015-04-03 14:59:00
CVE-2018-8016
2018-06-28 16:29:00
github
github
Improper Neutralization of Special Elements used in a Command in Apache Cassandra
2022-05-14 02:49:56
Missing Authentication for Critical Function in Apache Cassandra
2022-05-13 01:53:28
osv
osv
Improper Neutralization of Special Elements used in a Command in Apache Cassandra
2022-05-14 02:49:56
Missing Authentication for Critical Function in Apache Cassandra
2022-05-13 01:53:28
redhat
redhat
(RHSA-2015:1947) Important: Red Hat JBoss Operations Network 3.3.4 update
2015-10-28 14:33:28
nessus
nessus
freebsd
freebsd
cassandra -- remote execution of arbitrary code
2015-04-01 00:00:00
prion
prion
Default configuration
2015-04-03 14:59:00
Default configuration
2018-06-28 16:29:00
securityvulns
securityvulns
[SECURITY ANNOUNCEMENT] CVE-2015-0225
2015-05-12 00:00:00
redhatcve
redhatcve
CVE-2018-8016
2018-06-27 09:49:11
cvelist
cvelist
CVE-2018-8016
2018-06-28 16:00:00