5 matches found

OSV
added 2026/04/07 6:31 p.m., 3 views

GHSA-QXPC-96FQ-WWMG Apache Cassandra is vulnerable to privilege escalation in an mTLS environment using MutualTlsAuthenticator

Privilege escalation in Apache Cassandra 5.0 on an mTLS environment using MutualTlsAuthenticator allows a user with only CREATE permission to associate their own certificate identity with an arbitrary role, including a superuser role, and authenticate as that role via ADD IDENTITY. Users are...

CVSS 8.8, AI score 5.9, EPSS 0.00263
Exploits: 0, References: 6
Snyk
added 2026/04/07 6:31 p.m., 3 views

Privilege Defined With Unsafe Actions

Overview: org.apache.cassandra:cassandra-all is a Maven plugin for the Apache Cassandra Project, which develops a highly scalable second-generation distributed database, bringing together Dynamo's fully distributed design and Bigtable's ColumnFamily-based data model. Affected versions of this...

CVSS 8.8, AI score 5.9, EPSS 0.00263
Exploits: 0, References: 2
Vulnrichment
added 2026/04/07 4:33 p.m., 2 views

CVE-2026-27314 Apache Cassandra: Privilege escalation via ADD IDENTITY authorization bypass

Privilege escalation in Apache Cassandra 5.0 on an mTLS environment using MutualTlsAuthenticator allows a user with only CREATE permission to associate their own certificate identity with an arbitrary role, including a superuser role, and authenticate as that role via ADD IDENTITY. Users are...

AI score 5.9, EPSS 0.00263
Exploits: 0, References: 1
Cvelist
added 2026/04/07 4:33 p.m., 13 views

CVE-2026-27314 Apache Cassandra: Privilege escalation via ADD IDENTITY authorization bypass

Privilege escalation in Apache Cassandra 5.0 on an mTLS environment using MutualTlsAuthenticator allows a user with only CREATE permission to associate their own certificate identity with an arbitrary role, including a superuser role, and authenticate as that role via ADD IDENTITY. Users are...

EPSS 0.00263
Exploits: 0, References: 1
CVE
added 2026/04/07 4:33 p.m., 10 views

CVE-2026-27314

CVE-2026-27314 affects Apache Cassandra 5.0 in an mTLS environment using MutualTlsAuthenticator. A user with only CREATE permission can bind their certificate identity to an arbitrary role, including a superuser role, and authenticate as that role via ADD IDENTITY. The root cause is an authoriza...

CVSS 8.8, AI score 5.9, EPSS 0.00263
Exploits: 0, References: 2, Affected Software: 1