Lucene search
K

8 matches found

SUSE CVE
SUSE CVE
added 2025/02/14 6:28 a.m.7 views

SUSE CVE-2023-30601

Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...

7.8CVSS7.6AI score0.00324EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.16 views

Photon OS 5.0: Cassandra PHSA-2023-5.0-0020

An update of the cassandra package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0020. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.8CVSS7.5AI score0.00324EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/11 2:19 p.m.47 views

Security Bulletin: IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities.

Summary IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-32007 DESCRIPTION: Apache Spark could allow a remote authenticated attacker to execute arbitrary commands on the...

9.9CVSS8.9AI score0.75792EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/05 10:15 a.m.45 views

Security Bulletin: Due to use of Apache Cassandra , IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to an authenticated attacker to gaining elevated privileges.

Summary Apache cassandra is used by IBM Cloud Pak for Multicloud Management Monitoring as part of saving data on several components. Vulnerability Details CVEID:CVE-2023-30601 DESCRIPTION: Apache Cassandra could allow a local authenticated attacker to gain elevated privileges on the system, cause...

7.8CVSS7.5AI score0.00324EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/15 12:12 a.m.36 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Cassandra (CVE-2023-30601)

Summary A vulnerability in Apache Cassandra used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-30601 DESCRIPTION: Apache Cassandra could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the FQL/Audit log...

7.8CVSS7.5AI score0.00324EPSS
Exploits0Affected Software1
NVD
NVD
added 2023/05/30 8:15 a.m.17 views

CVE-2023-30601

Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...

7.8CVSS8AI score0.00324EPSS
Exploits0References1
CVE
CVE
added 2023/05/30 7:25 a.m.377 views

CVE-2023-30601

CVE-2023-30601 : Privilege escalation in Apache Cassandra when enabling FQL/Audit logs. A local attacker with nodetool/JMX access can execute arbitrary commands as the Cassandra process user due to a flaw in the FQL/Audit logs implementation. Affected versions: Cassandra 4.0.0–4.0.9 and 4.1.0–4.1...

7.8CVSS7.8AI score0.00324EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/05/30 7:25 a.m.3 views

CVE-2023-30601 Apache Cassandra: Privilege escalation when enabling FQL/Audit logs

Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...

7.8CVSS7.1AI score0.00324EPSS
Exploits0References3
Rows per page
Query Builder