6 matches found
com.ericsson.bss.cassandra.ecaudit:ecaudit_c5.0 (>=3.1.0 <=3.1.1) potentially affected by CVE-2024-27137 via org.apache.cassandra:cassandra-all (>=5.0.0 <=5.0.2)
org.apache.cassandra:cassandra-all MAVEN version =5.0.0, =3.1.0, =3.1.1 Source cves: CVE-2024-27137 Source advisory: OSV:GHSA-RGFX-7P65-3FF4...
CVE-2024-27137
In Apache Cassandra it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these...
CVE-2024-27137 Apache Cassandra: unrestricted deserialization of JMX authentication credentials
In Apache Cassandra it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these...
CVE-2024-27137 Apache Cassandra: unrestricted deserialization of JMX authentication credentials
In Apache Cassandra it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these...
CVE-2024-27137
CVE-2024-27137 technical details are not publicly available in the provided connected documents. Monitor for updates from vendor advisories to confirm affected versions, impact, and fixes.
CVE-2024-27137
creationtimestamp| type| source ---|---|--- 2025-02-03 23:49:35+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lhcq7q3mkr23 2025-02-04 10:16:22+00:00| seen| https://bsky.app/profile/buherator.bsky.social/post/3lhdtaj5dbn25 2025-02-04 10:28:35+00:00| seen|...