Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:22166
HistoryDec 12, 2019 - 8:16 a.m.

Remote Code Execution (RCE)

2019-12-1208:16:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Apache cassandra is vulnerable to remote code execution. The vulnerability exists due to the use of a default JMX configuration of unauthenticated JMX/RMI interface to all network interfaces. Therefore, anyone with access to the interface is allowed to listen to the RMI and to trigger a remote execution of serialized Java.

Related

nessus 2
prion 2
securityvulns 2
freebsd 1
osv 2
cvelist 2
cve 2
github 2
redhat 1
veracode 1
redhatcve 1
nessus
nessus
FreeBSD : cassandra -- remote execution of arbitrary code (607f4d44-0158-11e5-8fda-002590263bf5)
2015-05-26 00:00:00
Apache Cassandra 1.2.x <= 1.2.19 / 2.0.x <= 2.0.13 / 2.1.x <= 2.1.3 RCE
2020-12-02 00:00:00
prion
prion
Default configuration
2015-04-03 14:59:00
Default configuration
2018-06-28 16:29:00
securityvulns
securityvulns
[SECURITY ANNOUNCEMENT] CVE-2015-0225
2015-05-12 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2015-05-12 00:00:00
freebsd
freebsd
cassandra -- remote execution of arbitrary code
2015-04-01 00:00:00
osv
osv
Improper Neutralization of Special Elements used in a Command in Apache Cassandra
2022-05-14 02:49:56
Missing Authentication for Critical Function in Apache Cassandra
2022-05-13 01:53:28
cvelist
cvelist
CVE-2015-0225
2015-04-03 14:00:00
CVE-2018-8016
2018-06-25 00:00:00
cve
cve
CVE-2015-0225
2015-04-03 14:59:00
CVE-2018-8016
2018-06-28 16:29:00
github
github
Improper Neutralization of Special Elements used in a Command in Apache Cassandra
2022-05-14 02:49:56
Missing Authentication for Critical Function in Apache Cassandra
2022-05-13 01:53:28
redhat
redhat
(RHSA-2015:1947) Important: Red Hat JBoss Operations Network 3.3.4 update
2015-10-28 14:33:28
veracode
veracode
Remote Code Execution (RCE)
2018-06-26 07:42:20
redhatcve
redhatcve
CVE-2018-8016
2018-06-27 09:49:11

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for VERACODE:22166
nessus2prion2securityvulns2freebsd1osv2cvelist2cve2github2redhat1veracode1redhatcve1