Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-15121

Apache Cassandra session reuse vulnerability (TALOS-2019-0828)

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Normal
    • Resolution: Not A Problem
    • None
    • None
    • None
    • All
    • None

    Description

      Hello, the Cisco Talos team found a security vulnerability affecting Apache Cassandra. An exploitable authentication vulnerability exists in Apache Cassandra, versions 2.1.14 and 3.11.3.

      As this is a sensitive security issue, please confirm maintainer for this issue to accept the detailed security advisory report and trigger input files.

       

      For further information about the Cisco Vendor Vulnerability Reporting and Disclosure Policy please refer to this document which also links to our public PGP key. https://tools.cisco.com/security/center/resources/vendor_vulnerability_policy.html

      Please CC vulndev@cisco.com on all correspondence related to this issue. 

       

      Attachments

        Activity

          People

            Unassigned Unassigned
            Talos Cisco Talos
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: