Cassandra

4 CVEs product

Monthly

CVE-2025-26467 HIGH PATCH This Week

Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable with low attack complexity. No vendor patch available.

Privilege Escalation Apache Cassandra Redhat
NVD | CVSS 3.1: 8.8 | EPSS: 0.1%

CVE-2025-24860 MEDIUM PATCH This Month

Incorrect Authorization vulnerability in Apache Cassandra allowing users to access a datacenter or IP/CIDR groups they should not be able to when using CassandraNetworkAuthorizer or. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable with low attack complexity. No vendor patch available.

Apache Authentication Bypass Cassandra Redhat
NVD | CVSS 3.1: 5.4 | EPSS: 0.2%

CVE-2024-27137 MEDIUM PATCH This Month

In Apache Cassandra it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and. Rated medium severity (CVSS 5.3), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.

Apache Authentication Bypass Java Cassandra Redhat
NVD | CVSS 3.1: 5.3 | EPSS: 0.1%

CVE-2025-23015 HIGH PATCH This Week

Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable with low attack complexity. No vendor patch available.

Apache Privilege Escalation Cassandra Redhat
NVD | CVSS 3.1: 8.8 | EPSS: 0.4%