📦 Cassandra

by Apache


🛡️ Security Overview


⚠️ Known Vulnerabilities

CVE-2021-44521

CRITICAL CVSS 9.1 Feb 11, 2022

This vulnerability allows authenticated attackers with permissions to create user-defined functions in Apache Cassandra to execute arbitrary code on the host when specific unsafe configurations are en...

CVE-2025-26467

HIGH CVSS 8.8 Aug 25, 2025

This CVE describes a privilege escalation vulnerability in Apache Cassandra where a user with MODIFY permission on all keyspaces can gain superuser privileges by performing unsafe actions on system re...

CVE-2025-23015

HIGH CVSS 8.8 Feb 4, 2025

This vulnerability allows users with MODIFY permission on all keyspaces in Apache Cassandra to escalate privileges to superuser by performing unsafe actions on system resources. It affects all Apache ...

CVE-2023-30601

HIGH CVSS 7.8 May 30, 2023

This vulnerability allows users with JMX access to escalate privileges and execute arbitrary commands as the Apache Cassandra service account when enabling FQL/Audit logs. It affects Apache Cassandra ...

CVE-2020-17516

HIGH CVSS 7.5 Feb 3, 2021

This vulnerability in Apache Cassandra allows unencrypted internode connections even when TLS is configured, enabling attackers to bypass mutual TLS requirements. It affects Cassandra clusters using '...

CVE-2024-27137

MEDIUM CVSS 5.3 Feb 4, 2025

This vulnerability allows a local attacker to perform a man-in-the-middle attack on Apache Cassandra's RMI registry, capturing JMX interface credentials. Attackers can then use these credentials to pe...