9 matches found
EUVD-2025-0230
Malicious code in bioql PyPI...
BIT-CASSANDRA-2025-23015 Apache Cassandra: User with MODIFY permission on ALL KEYSPACES can escalate privileges to superuser via unsafe actions
Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. A user with MODIFY permission ON ALL KEYSPACES can escalate privileges to superuser within a targeted Cassandra cluster via unsafe actions to a system resource. Operators granting data MODIFY permission on all keyspaces on...
BIT-CASSANDRA-2025-24860 Apache Cassandra: CassandraNetworkAuthorizer and CassandraCIDRAuthorizer can be bypassed allowing access to different network regions
Incorrect Authorization vulnerability in Apache Cassandra allowing users to access a datacenter or IP/CIDR groups they should not be able to when using CassandraNetworkAuthorizer or CassandraCIDRAuthorizer. Users with restricted data center access can update their own permissions via data control...
Apache Cassandra: User with MODIFY permission on ALL KEYSPACES can escalate privileges to superuser via unsafe actions
Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. A user with MODIFY permission ON ALL KEYSPACES can escalate privileges to superuser within a targeted Cassandra cluster via unsafe actions to a system resource. Operators granting data MODIFY permission on all keyspaces on...
CVE-2025-24860
Incorrect Authorization vulnerability in Apache Cassandra allowing users to access a datacenter or IP/CIDR groups they should not be able to when using CassandraNetworkAuthorizer or CassandraCIDRAuthorizer. Users with restricted data center access can update their own permissions via data control...
CVE-2025-23015
Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. A user with MODIFY permission ON ALL KEYSPACES can escalate privileges to superuser within a targeted Cassandra cluster via unsafe actions to a system resource. Operators granting data MODIFY permission on all keyspaces on...
CVE-2025-23015
Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. A user with MODIFY permission ON ALL KEYSPACES can escalate privileges to superuser within a targeted Cassandra cluster via unsafe actions to a system resource. Operators granting data MODIFY permission on all keyspaces on...
CVE-2025-23015
CVE-2025-23015 is an Apache Cassandra privilege escalation issue: a user with MODIFY permission ON ALL KEYSPACES can escalate to superuser by exploiting unsafe actions on a system resource. Affected versions include Cassandra 3.0.30, 3.11.17, 4.0.15, 4.1.7, and 5.0.2. Remediation is to upgrade to...
PT-2025-4767 · Apache · Apache Cassandra
Name of the Vulnerable Software and Affected Versions: Apache Cassandra versions 3.0.30, 3.11.17, 4.0.15, 4.1.7, 5.0.2
Description: A privilege escalation issue exists in Apache Cassandra, where a user with MODIFY permission on all keyspaces can escalate privileges to superuser within a targeted...