PT-2023-22802 · Apache · Apache Cassandra

Gal Elbaz

·

Publicado

2023-05-30

·

Atualizado

2024-03-06

·

CVE-2023-30601

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Apache Cassandra versions 4.0.0 through 4.0.9 Apache Cassandra versions 4.1.0 through 4.1.1
Description The issue is related to privilege escalation when enabling FQL/Audit logs, allowing a user with JMX access to run arbitrary commands as the user running Apache Cassandra. To exploit this issue, nodetool/JMX access is required.
Recommendations For Apache Cassandra versions 4.0.0 through 4.0.9, upgrade to 4.0.10 and leave the new FQL/Auditlog configuration property allow nodetool archive command as false. For Apache Cassandra versions 4.1.0 through 4.1.1, upgrade to 4.1.2 and leave the new FQL/Auditlog configuration property allow nodetool archive command as false. As a temporary workaround, consider disabling access for any non-trusted users to prevent exploitation.

Correção

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-269

Identificadores relacionados

BIT-CASSANDRA-2023-30601
CVE-2023-30601
GHSA-M9P2-J4HG-G373

Produtos afetados

Apache Cassandra