Apache Cassandra Remote Code Execution

2015.04.02
Credit: Georgi Geshev
Risk: High
Local: No
Remote: Yes
CVE: CVE-2015-0225
CWE: CWE-77


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

CVE-2015-0225: Apache Cassandra remote execution of arbitrary code Severity: Important Vendor: The Apache Software Foundation Versions Affected: Cassandra 1.2.0 to 1.2.19 Cassandra 2.0.0 to 2.0.13 Cassandra 2.1.0 to 2.1.3 Description: Under its default configuration, Cassandra binds an unauthenticated JMX/RMI interface to all network interfaces. As RMI is an API for the transport and remote execution of serialized Java, anyone with access to this interface can execute arbitrary code as the running user. Mitigation: 1.2.x has reached EOL, so users of <= 1.2.x are recommended to upgrade to a supported version of Cassandra, or manually configure encryption and authentication of JMX, (seehttps://wiki.apache.org/cassandra/JmxSecurity). 2.0.x users should upgrade to 2.0.14 2.1.x users should upgrade to 2.1.4 Alternately, users of any version not wishing to upgrade can reconfigure JMX/RMI to enable encryption and authentication according to https://wiki.apache.org/cassandra/JmxSecurityor http://docs.oracle.com/javase/7/docs/technotes/guides/management/agent.html Credit: This issue was discovered by Georgi Geshev of MWR InfoSecurity

References:

http://docs.oracle.com/javase/7/docs/technotes/guides/management/agent.html


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top