Vulnerabilities > Apache > Cassandra > 3.8

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-28	CVE-2018-8016	Missing Authentication for Critical Function vulnerability in Apache Cassandra The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. network low complexity apache CWE-306 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.