Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-0225

Опубликовано: 03 апр. 2015
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apache:cassandra:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:1.2.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.0.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.0.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.0.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.0.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:cassandra:2.1.3:*:*:*:*:*:*:*

EPSS

Процентиль: 75%
0.00904
Низкий

7.5 High

CVSS2

Дефекты

CWE-77

Связанные уязвимости

redhat логотип

CVE-2015-0225

redhat
почти 11 лет назад

The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.

debian логотип

CVE-2015-0225

debian
почти 11 лет назад

The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2. ...

github логотип

GHSA-w7f2-gjxf-2gm9

github
больше 3 лет назад

Improper Neutralization of Special Elements used in a Command in Apache Cassandra

EPSS

Процентиль: 75%
0.00904
Низкий

7.5 High

CVSS2

Дефекты

CWE-77