4 matches found
Apache Cassandra 1.2.x <= 1.2.19 / 2.0.x <= 2.0.13 / 2.1.x <= 2.1.3 RCE
The default configuration in Apache Cassandra running on the remote host version 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 bound an unauthenticated JMX/RMI interface to all network interfaces. A remote attacker able to access the RMI, an API for the transport and remote...
CVE-2018-8016
The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. This issue is a regression of CVE-2015-0225. The regression was introduced in...
CVE-2018-8016
CVE-2018-8016 affects Apache Cassandra 3.8–3.11.1, where the default configuration binds an unauthenticated JMX/RMI interface to all network interfaces, allowing a remote attacker to execute arbitrary Java code via an RMI request. This is a regression of CVE-2015-0225, introduced in CASSANDRA-121...
CVE-2015-0225
The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request...