6 matches found
CVE-2023-30601
Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...
SUSE CVE-2023-30601
Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...
Security Bulletin: IBM Sterling Global Mailbox is vulnerable to privilege escalation attack due to Apache Cassandra
Summary Apache Cassandra is used by IBM Global Mailbox as part of the application database. Vulnerability Details CVEID:CVE-2023-30601 DESCRIPTION: Apache Cassandra could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the FQL/Audit logs...
Apache Cassandra: Privilege escalation when enabling FQL/Audit logs
Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...
Privilege Escalation
cassandra-all is vulnerable to Privilege Escalation. The vulnerability exists when enabling FQL/Audit logs, which allows an attacker with JMX access to run arbitrary commands...
CVE-2023-30601 Apache Cassandra: Privilege escalation when enabling FQL/Audit logs
Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...