Apache Cassandra RMI Registry Manipulation Vulnerability Allowing JMX Credential Capture

Vulnerability

A vulnerability exists in Apache Cassandra versions from 4.0.2 before 4.0.15, from 4.1.0 before 4.1.8, and from 5.0-beta1 before 5.0.3, in each case when running on Java 11. It allows a local attacker, without access to the Cassandra process or configuration files, to manipulate the RMI registry. This manipulation can lead to a man-in-the-middle attack in which the attacker intercepts and captures the usernames and passwords used to access the JMX interface. Once obtained, these credentials can be used to access JMX and perform unauthorized operations.

Impact

Exploitation of this vulnerability could result in the unauthorized interception of JMX authentication credentials, allowing access to the JMX interface and the ability to perform unauthorized operations. According to NetApp, this vulnerability could also lead to a denial-of-service condition.

Remediation

Users are advised to upgrade to Apache Cassandra versions 4.0.15, 4.1.8, or 5.0.3, all of which address this vulnerability.
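
To find which nodes need the upgrade, the affected ranges and the Java 11 condition stated above can be applied to a fleet inventory. The following is an added example, not code from the Apache Cassandra project or from this advisory; the host names, sample versions and the alpha < beta < rc ordering of pre-releases are assumptions.

```python
import re

# Affected ranges from the advisory: (first affected, first fixed release).
AFFECTED_RANGES = [("4.0.2", "4.0.15"), ("4.1.0", "4.1.8"), ("5.0-beta1", "5.0.3")]
AFFECTED_JAVA_MAJOR = 11  # the advisory scopes the issue to Java 11
# Assumption: pre-releases order as alpha < beta < rc < final release.
_STAGE = {"alpha": 0, "beta": 1, "rc": 2, "": 3}
_VER = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?(?:-(alpha|beta|rc)(\d+))?", re.I)

def parse_cassandra(text):
    """Turn '4.0.14' or '5.0-beta1' into a tuple that sorts in release order."""
    m = _VER.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised Cassandra version: {text!r}")
    major, minor, patch, stage, n = m.groups()
    return (int(major), int(minor), int(patch or 0),
            _STAGE[(stage or "").lower()], int(n or 0))

def java_major(text):
    """Return the Java feature release: '11.0.22' -> 11, legacy '1.8.0_402' -> 8."""
    parts = re.split(r"[._+-]", text.strip())
    if not parts[0].isdigit():
        raise ValueError(f"unrecognised Java version: {text!r}")
    first = int(parts[0])
    return int(parts[1]) if first == 1 and len(parts) > 1 else first

def assess(cassandra_version, java_version):
    """Classify one node as 'affected', 'not affected' or 'unknown'."""
    try:
        ver, java = parse_cassandra(cassandra_version), java_major(java_version)
    except ValueError:
        return "unknown"  # never report an unparseable node as safe
    in_range = any(parse_cassandra(lo) <= ver < parse_cassandra(hi)
                   for lo, hi in AFFECTED_RANGES)
    return "affected" if in_range and java == AFFECTED_JAVA_MAJOR else "not affected"

# Constructed inventory: hypothetical hosts, Cassandra versions, Java versions.
INVENTORY = [
    ("db-a", "4.0.14", "11.0.22"), ("db-b", "4.0.15", "11.0.22"),
    ("db-c", "5.0-rc1", "11.0.20"), ("db-d", "4.1.3", "1.8.0_402"),
    ("db-e", "4.1.x-custom", "11.0.22"),
]

def triage(inventory):
    return {host: assess(cv, jv) for host, cv, jv in inventory}

if __name__ == "__main__":
    for host, status in triage(INVENTORY).items():
        print(f"{host}: {status}")
```

Nodes reported as "unknown" carry a version string the parser could not read and should be checked by hand rather than treated as fixed.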

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 3.1
exploitability: 4.0
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.