Lucene search
+L

6 matches found

vulnersOsv
vulnersOsv
added 2025/02/04 12:30 p.m.10 views

com.ericsson.bss.cassandra.ecaudit:ecaudit_c5.0 (>=3.1.0 <=3.1.1) potentially affected by CVE-2024-27137 via org.apache.cassandra:cassandra-all (>=5.0.0 <=5.0.2)

org.apache.cassandra:cassandra-all MAVEN version =5.0.0, =3.1.0, =3.1.1 Source cves: CVE-2024-27137 Source advisory: OSV:GHSA-RGFX-7P65-3FF4...

5.3CVSS6AI score0.00276EPSS
Exploits0
NVD
NVD
added 2025/02/04 11:15 a.m.65 views

CVE-2024-27137

In Apache Cassandra it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these...

5.3CVSS0.00276EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/04 10:19 a.m.22 views

CVE-2024-27137 Apache Cassandra: unrestricted deserialization of JMX authentication credentials

In Apache Cassandra it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these...

5.1AI score0.00276EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/04 10:19 a.m.58 views

CVE-2024-27137 Apache Cassandra: unrestricted deserialization of JMX authentication credentials

In Apache Cassandra it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these...

0.00276EPSS
Exploits0References1
CVE
CVE
added 2025/02/04 10:19 a.m.121 views

CVE-2024-27137

CVE-2024-27137 technical details are not publicly available in the provided connected documents. Monitor for updates from vendor advisories to confirm affected versions, impact, and fixes.

5.3CVSS6.5AI score0.00276EPSS
Exploits0References2Affected Software1
Circl
Circl
added 2025/02/03 11:49 p.m.32 views

CVE-2024-27137

creationtimestamp| type| source ---|---|--- 2025-02-03 23:49:35+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lhcq7q3mkr23 2025-02-04 10:16:22+00:00| seen| https://bsky.app/profile/buherator.bsky.social/post/3lhdtaj5dbn25 2025-02-04 10:28:35+00:00| seen|...

5.3CVSS6AI score0.00276EPSS
Exploits0References8
Rows per page
Query Builder