PT-2023-22802 · Apache · Apache Cassandra

Gal Elbaz · Published 2023-05-30 · Updated 2024-03-06 · CVE-2023-30601

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Apache Cassandra versions 4.0.0 through 4.0.9; Apache Cassandra versions 4.1.0 through 4.1.1

Description: The issue is related to privilege escalation when enabling FQL/Audit logs, allowing a user with JMX access to run arbitrary commands as the user running Apache Cassandra. To exploit this issue, nodetool/JMX access is required.

Recommendations: For Apache Cassandra versions 4.0.0 through 4.0.9, upgrade to 4.0.10 and leave the new FQL/Audit log configuration property `allow_nodetool_archive_command` as false. For Apache Cassandra versions 4.1.0 through 4.1.1, upgrade to 4.1.2 and leave the new FQL/Audit log configuration property `allow_nodetool_archive_command` as false. As a temporary workaround, consider disabling access for any non-trusted users to prevent exploitation.
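As an added example (not part of the advisory or of the Cassandra project), a small Python check that applies the recommendation above to one node: it flags an affected version and, on a fixed release, any FQL or audit log section whose `allow_nodetool_archive_command` is not false. The cassandra.yaml fragment is constructed for the example, and the parser handles only the two-level subset shown, not full YAML.

```python
import re

# Constructed sample cassandra.yaml fragment (not taken from the advisory):
# a node on a fixed release that still allows the archive command for FQL.
SAMPLE_YAML = """\
cluster_name: 'Test Cluster'
full_query_logging_options:
  log_dir: /var/log/cassandra/fql
  allow_nodetool_archive_command: true
audit_logging_options:
  enabled: false
  allow_nodetool_archive_command: false
"""

def parse_simple_yaml(text):
    """Parse the 'key:' / '  subkey: value' subset used above (comments ignored)."""
    result, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        key, _, value = line.partition(":")
        value = value.strip().strip("'\"")
        if not raw.startswith(" "):
            section = key.strip()
            result[section] = {} if value == "" else value
        elif isinstance(result.get(section), dict):
            result[section][key.strip()] = value
    return result

def version_tuple(version):
    """'4.0.10' -> (4, 0, 10); trailing qualifiers are ignored."""
    return tuple(int(p) for p in re.match(r"(\d+)\.(\d+)\.(\d+)", version).groups())

def assess_node(version, yaml_text):
    """Return findings for CVE-2023-30601 given a node's version and cassandra.yaml."""
    findings = []
    v = version_tuple(version)
    if (4, 0, 0) <= v <= (4, 0, 9):
        findings.append("vulnerable version: upgrade to 4.0.10")
    elif (4, 1, 0) <= v <= (4, 1, 1):
        findings.append("vulnerable version: upgrade to 4.1.2")
    cfg = parse_simple_yaml(yaml_text)
    for section in ("full_query_logging_options", "audit_logging_options"):
        opts = cfg.get(section, {})
        # On fixed releases the property defaults to false when absent.
        flag = opts.get("allow_nodetool_archive_command", "false") if isinstance(opts, dict) else "false"
        if str(flag).lower() == "true":
            findings.append(f"{section}.allow_nodetool_archive_command is true: set it to false")
    return findings
```

Run `assess_node(version, open("/etc/cassandra/cassandra.yaml").read())` on each node; an empty list means both the version and the property match the advisory's recommendation.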

Fix

Weakness Enumeration

Improper Privilege Management

Related Identifiers

BIT-CASSANDRA-2023-30601
CVE-2023-30601
GHSA-M9P2-J4HG-G373

Affected Products

Apache Cassandra