Описание
Improper Neutralization of Special Elements used in a Command in Apache Cassandra
The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.
Пакеты
org.apache.cassandra:apache-cassandra
>= 1.2.0, < 2.0.14
2.0.14
org.apache.cassandra:apache-cassandra
>= 2.1.0, < 2.1.4
2.1.4
Связанные уязвимости
The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.
The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.
The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2. ...