8 matches found
SUSE CVE-2023-30601
Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...
Photon OS 5.0: Cassandra PHSA-2023-5.0-0020
An update of the cassandra package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0020. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Security Bulletin: IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities.
Summary IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-32007 DESCRIPTION: Apache Spark could allow a remote authenticated attacker to execute arbitrary commands on the...
Security Bulletin: Due to use of Apache Cassandra , IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to an authenticated attacker to gaining elevated privileges.
Summary Apache cassandra is used by IBM Cloud Pak for Multicloud Management Monitoring as part of saving data on several components. Vulnerability Details CVEID:CVE-2023-30601 DESCRIPTION: Apache Cassandra could allow a local authenticated attacker to gain elevated privileges on the system, cause...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Cassandra (CVE-2023-30601)
Summary A vulnerability in Apache Cassandra used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-30601 DESCRIPTION: Apache Cassandra could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the FQL/Audit log...
CVE-2023-30601
Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...
CVE-2023-30601
CVE-2023-30601 : Privilege escalation in Apache Cassandra when enabling FQL/Audit logs. A local attacker with nodetool/JMX access can execute arbitrary commands as the Cassandra process user due to a flaw in the FQL/Audit logs implementation. Affected versions: Cassandra 4.0.0–4.0.9 and 4.1.0–4.1...
CVE-2023-30601 Apache Cassandra: Privilege escalation when enabling FQL/Audit logs
Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...