RMI Rebind Vulnerability in Apache Cassandra Affects User Credential Security
CVE-2020-13946

5.9MEDIUM

Key Information:

Vendor
Apache
Status
Apache Cassandra
Vendor
CVE Published:
1 September 2020

Summary

In Apache Cassandra, various versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8, and 4.0-beta2, a local attacker can exploit the RMI registry to conduct a man-in-the-middle attack. This vulnerability allows the attacker to capture user credentials—including usernames and passwords—used for accessing the JMX interface. Once the attacker has these credentials, they can perform unauthorized operations within the system. It is also critical to note that the JRE vulnerability identified in CVE-2019-2684 can facilitate this exploit remotely.

Affected Version(s)

Apache Cassandra All versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2

References

https://lists.apache.org/thread.html/rcd7544b24d8fc32b795...
x_refsource_MISC
https://lists.apache.org/thread.html/r718e01f61b35409a4f7...
mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r1fd117082b992e7d43c...
mailing-listx_refsource_MLIST

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.