Lucene search
GoogleOSV:GHSA-W7F2-GJXF-2GM9HistoryMay 14, 2022 - 2:49 a.m.
Improper Neutralization of Special Elements used in a Command in Apache Cassandra
2022-05-1402:49:56
Google
osv.dev
11
apache cassandra
remote attackers
arbitrary java code
rmi request
EPSS
0.008
Percentile
81.8%
The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.
Related
nvd
nvd
CVE-2015-0225
2015-04-03 14:59:00
CVE-2018-8016
2018-06-28 16:29:00
redhat
redhat
(RHSA-2015:1947) Important: Red Hat JBoss Operations Network 3.3.4 update
2015-10-28 14:33:28
nessus
nessus
cvelist
cvelist
CVE-2015-0225
2015-04-03 14:00:00
CVE-2018-8016
2018-06-28 16:00:00
cve
cve
CVE-2015-0225
2015-04-03 14:59:00
CVE-2018-8016
2018-06-28 16:29:00
github
github
Improper Neutralization of Special Elements used in a Command in Apache Cassandra
2022-05-14 02:49:56
Missing Authentication for Critical Function in Apache Cassandra
2022-05-13 01:53:28
veracode
veracode
Remote Code Execution (RCE)
2019-12-12 08:16:04
Remote Code Execution (RCE)
2018-06-26 07:42:20
prion
prion
Default configuration
2015-04-03 14:59:00
Default configuration
2018-06-28 16:29:00
securityvulns
securityvulns
[SECURITY ANNOUNCEMENT] CVE-2015-0225
2015-05-12 00:00:00
freebsd
freebsd
cassandra -- remote execution of arbitrary code
2015-04-01 00:00:00
redhatcve
redhatcve
CVE-2018-8016
2018-06-27 09:49:11
osv
osv
Missing Authentication for Critical Function in Apache Cassandra
2022-05-13 01:53:28