GitHub Advisory DatabaseGHSA-M9P2-J4HG-G373Apache Cassandra: Privilege escalation when enabling FQL/Audit logs
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra
This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1.
WORKAROUND
The vulnerability requires nodetool/JMX access to be exploitable, disable access for any non-trusted users.
MITIGATION
Upgrade to 4.0.10 or 4.1.2 and leave the new FQL/Auditlog configuration propertyΒ allow_nodetool_archive_command as false.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.apache.cassandra:cassandra-all | lt | 4.0.10 | |
| org.apache.cassandra:cassandra-all | lt | 4.1.2 |
References
github.com/advisories/GHSA-m9p2-j4hg-g373
github.com/apache/cassandra/commit/22d74c711658507addfd67e2c78b04a9b88413b2
github.com/apache/cassandra/commit/aafb4d19448f12ce600dc4e84a5b181308825b32
issues.apache.org/jira/browse/CASSANDRA-18550
lists.apache.org/thread/f74p9jdhmmp7vtrqd8lgm8bq3dhxl8vn
nvd.nist.gov/vuln/detail/CVE-2023-30601
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%