3 matches found
Security Bulletin: IBM Network Performance Insight 1.3.1 was affected by CVE-2020-17516 in Apache Cassandra.
Summary IBM Network Performance Insight 1.3.1 was affected by CVE-2020-17516 in Apache Cassandra. Vulnerability Details CVEID: CVE-2020-17516 DESCRIPTION: Apache Cassandra could allow a remote attacker to bypass security restrictions, caused by not enforcing encryption setting on inbound internod...
CVE-2020-17516
Apache Cassandra versions 2.1.0 to 2.1.22, 2.2.0 to 2.2.19, 3.0.0 to 3.0.23, and 3.11.0 to 3.11.9, when using 'dc' or 'rack' internodeencryption setting, allows both encrypted and unencrypted internode connections. A misconfigured node or a malicious user can use the unencrypted connection despit...
CVE-2020-17516
CVE-2020-17516 affects Apache Cassandra versions 2.1.0–2.1.22, 2.2.0–2.2.19, 3.0.0–3.0.23, and 3.11.0–3.11.9 when using internode_encryption (dc/rack). A misconfigured node or a malicious user could use an unencrypted internode connection to bypass mutual TLS, potentially exposing or altering int...