Cassandra
CVE-2020-13946
MEDIUM
Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1Blast Radius
ecosystem impact- 18 maven packages depend on org.apache.cassandra:cassandra-all (13 direct, 5 indirect)
Ecosystem-wide dependent count for version 2.1.0.
DescriptionNVD
In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorised operations. Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables this issue to be exploited remotely.
AnalysisAI
In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Exposure of Resource to Wrong Sphere (CWE-668), which allows attackers to access resources from an unintended security context. In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorised operations. Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables this issue to be exploited remotely. Affected products include: Apache Cassandra, Netapp Oncommand Insight. Version information: prior to 2.1.22.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement proper access controls, validate resource access permissions, use security boundaries.
The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all netwo
handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers t
Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. Rated high severity (CVSS 8.8), this vulnerabil
Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. Rated high severity (CVSS 8.8), this vulnerabil
Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user runn
The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Rated medium severity (C
Incorrect Authorization vulnerability in Apache Cassandra allowing users to access a datacenter or IP/CIDR groups they s
In Apache Cassandra it is possible for a local attacker without access to the Apache Cassandra process or configuration
Same weakness CWE-668 – Exposure of Resource to Wrong Sphere
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today