
High-Severity RCE Bug Found in Popular Apache Cassandra Database
2022-02-16 16:03

Researchers have shared details about a now-patched, high-severity security bug in the Apache Cassandra open-source NoSQL distributed database that's easy to exploit and, if left unpatched, could enable attackers to gain remote code execution.

In a Tuesday writeup, JFrog security researcher Omer Kaspi said that, on the upside, the only Cassandra systems vulnerable to the flaw are those running one particular non-standard configuration, a configuration that is specifically not recommended.

Cassandra is a highly scalable, widely used distributed database known for being efficient and highly available, given that such databases don't have a single point of failure: a big plus for businesses that can't lose data or endure system downtime.

"Cassandra is a highly scalable, distributed NoSQL database that is extremely popular due to the benefits of its distributed nature," Kaspi said.

The researcher added that Cassandra is also extremely popular in DevOps and cloud-native development circles, "as can be seen by its support in CNCF projects."

While researching the Cassandra UDF sandbox implementation, the researchers realized that a specific mix of configuration options let them abuse the Nashorn engine, escape the sandbox and achieve RCE; the vulnerability was reported as CVE-2021-44521.


News URL

https://threatpost.com/high-severity-rce-bug-found-in-popular-apache-cassandra-database/178464/

Related Vulnerability

Date: 2022-02-11
CVE: CVE-2021-44521
Title: Incorrect Permission Assignment for Critical Resource vulnerability in Apache Cassandra
Description: When running Apache Cassandra with the following configuration:
  enable_user_defined_functions: true
  enable_scripted_user_defined_functions: true
  enable_user_defined_functions_threads: false
it is possible for an attacker to execute arbitrary code on the host.
Attack vector: network
Attack complexity: low
Vendor: apache
CWE: CWE-732
Risk: critical, score 9.1
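As an added example (not code from the article, the advisory or the Cassandra project), the following Python audit reads a cassandra.yaml and reports whether it carries exactly the three-option combination the advisory lists. It assumes the options are top-level keys, that an absent key means Cassandra's shipped (non-vulnerable) default, and that the embedded sample config is constructed for the demonstration.

```python
# Added example: audit a cassandra.yaml for the option combination that
# CVE-2021-44521 requires. Not part of the article or of Apache Cassandra.
from typing import Dict, List

# Constructed sample config, not taken from any real deployment.
SAMPLE_CONFIG = """\
cluster_name: 'Test Cluster'
# UDF settings (the combination the advisory describes)
enable_user_defined_functions: true
enable_scripted_user_defined_functions: true
enable_user_defined_functions_threads: false
"""

# All three must hold at once; any deviation closes the window.
VULNERABLE_COMBINATION = {
    "enable_user_defined_functions": True,
    "enable_scripted_user_defined_functions": True,
    "enable_user_defined_functions_threads": False,
}


def parse_top_level_bools(text: str) -> Dict[str, bool]:
    """Collect top-level `key: true|false` lines; comments, blank and
    indented lines are skipped (the three keys are top-level in cassandra.yaml)."""
    settings: Dict[str, bool] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line or line[0].isspace() or ":" not in line:
            continue
        key, _, value = line.partition(":")
        value = value.strip().strip("'\"").lower()
        if value in ("true", "false"):
            settings[key.strip()] = value == "true"
    return settings


def is_vulnerable(settings: Dict[str, bool]) -> bool:
    """True only when every option matches the advisory's combination.
    Assumption: a key that is absent takes Cassandra's shipped default,
    which is not the vulnerable value, so `None` never matches."""
    return all(settings.get(k) is v for k, v in VULNERABLE_COMBINATION.items())


def audit(text: str) -> List[str]:
    """Return remediation lines for an affected config; [] means not affected.
    Upgrading to a patched release is the real fix; reverting either setting
    below removes the combination in the meantime."""
    if not is_vulnerable(parse_top_level_bools(text)):
        return []
    return ["enable_scripted_user_defined_functions: false",
            "enable_user_defined_functions_threads: true"]


if __name__ == "__main__":
    for line in audit(SAMPLE_CONFIG) or ["config not affected"]:
        print(line)
```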

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apache 281 13 549 713 367 1642