CVE-2015-0225
Improper Neutralization of Special Elements used in a Command in Apache Cassandra
EPSS 0.67%
Description
The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.
How to fix CVE-2015-0225
To remediate CVE-2015-0225, upgrade the affected package to the fixed version listed below.
- Maven/org.apache.cassandra:apache-cassandra—upgrade to 2.0.14 or later
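One way to check a node against both the version ranges in the description and its JMX settings, added here as an example and not taken from the advisory or the Cassandra project. The helper names and sample argument strings are hypothetical; the `com.sun.management.jmxremote.*` names are standard JVM system properties, and 7199 is Cassandra's default JMX port.

```python
import re

# Affected ranges exactly as listed in the advisory description (inclusive).
AFFECTED = [((1, 2, 0), (1, 2, 19)), ((2, 0, 0), (2, 0, 13)), ((2, 1, 0), (2, 1, 3))]
JMX = "com.sun.management.jmxremote."  # standard JVM property prefix

def parse_version(text):
    """'2.0.13' or '2.1.3-SNAPSHOT' -> (2, 0, 13) / (2, 1, 3)."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised Cassandra version: {text!r}")
    return tuple(int(g) for g in m.groups())

def in_affected_range(version):
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED)

def jmx_findings(jvm_args):
    """Flag remote JMX settings in a JVM argument string (hypothetical helper)."""
    props = dict(re.findall(r"-D([\w.]+)=(\S+)", jvm_args))
    if JMX + "port" not in props:
        return []  # no remote JMX connector requested on the command line
    findings = []
    # The JVM defaults both properties to true; only an explicit false disables them.
    if props.get(JMX + "authenticate", "true").lower() == "false":
        findings.append("remote JMX without authentication")
    if props.get(JMX + "ssl", "true").lower() == "false":
        findings.append("remote JMX without TLS")
    return findings

def assess(version, jvm_args):
    """Combine the version check with the JMX settings actually passed to the JVM."""
    findings = jmx_findings(jvm_args)
    return {
        "affected_version": in_affected_range(version),
        "findings": findings,
        "exposed": "remote JMX without authentication" in findings,
    }

# Constructed sample argument strings, not taken from a real host.
OPEN_ARGS = ("-Xms4G -Dcom.sun.management.jmxremote.port=7199 "
             "-Dcom.sun.management.jmxremote.ssl=false "
             "-Dcom.sun.management.jmxremote.authenticate=false")
CLOSED_ARGS = "-Xms4G -Xmx4G"

if __name__ == "__main__":
    for ver, args in [("2.1.3", OPEN_ARGS), ("2.0.14", OPEN_ARGS), ("2.0.13", CLOSED_ARGS)]:
        print(ver, assess(ver, args))
```

Versions 2.1.0 through 2.1.3 sort after 2.0.14 yet fall inside the affected ranges given in the description, so the check compares against each range rather than a single minimum version. A node on a fixed version is still reported as `exposed` when its JVM arguments explicitly disable JMX authentication.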
Is CVE-2015-0225 being exploited?
Low — EPSS is 0.7%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- >= 1.2.0, < 2.0.14