Researchers have uncovered details of a now-patched substantial-severity security vulnerability in Apache Cassandra that, if still left unaddressed, could be abused to attain remote code execution on impacted installations.
“This Apache security vulnerability is effortless to exploit and has the likely to wreak havoc on systems, but the good news is only manifests in non-default configurations of Cassandra,” Omer Kaspi, security researcher at DevOps firm JFrog, mentioned in a complex compose-up released Tuesday.
Apache Cassandra is an open up-supply, dispersed, NoSQL databases management process for taking care of extremely substantial amounts of structured knowledge throughout commodity servers.
![Mullvad VPN Discount](https://thecybersecurity.news/data/2022/05/Mullvad-VPN-245x300.png)
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
Tracked as CVE-2021-44521 (CVSS score: 8.4), the vulnerability problems a unique situation where the configuration for consumer-defined capabilities (UDFs) are enabled, successfully allowing an attacker to leverage the Nashorn JavaScript engine, escape the sandbox, and obtain execution of untrusted code.
Specially, it was found that Cassandra deployments are vulnerable to CVE-2021-44521 when the cassandra.yaml configuration file incorporates the adhering to definitions:
- permit_consumer_outlined_capabilities: accurate
- permit_scripted_person_outlined_capabilities: accurate
- empower_person_defined_functions_threads: false
“When the [enable_user_defined_functions_threads] solution is set to fake, all invoked UDF functions run in the Cassandra daemon thread, which has a security supervisor with some permissions,” Kaspi said, thus allowing the adversary to disable the security supervisor and break out of the sandbox and operate arbitrary shell instructions on the server.
Apache Cassandra consumers are inspired to enhance to versions 3..26, 3.11.12, and 4..2 to keep away from achievable exploitation, which addresses the flaw by including a new flag “permit_extra_insecure_udfs” that is established to false by default and stops turning off the security manager.
Located this short article exciting? Abide by THN on Facebook, Twitter and LinkedIn to browse a lot more exclusive material we write-up.
Some pieces of this article are sourced from:
thehackernews.com