You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Cisco Talos (JIRA)" <ji...@apache.org> on 2019/05/08 15:14:00 UTC
[jira] [Created] (CASSANDRA-15121) Apache Cassandra session reuse
vulnerability (TALOS-2019-0828)
Cisco Talos created CASSANDRA-15121:
---------------------------------------
Summary: Apache Cassandra session reuse vulnerability (TALOS-2019-0828)
Key: CASSANDRA-15121
URL: https://issues.apache.org/jira/browse/CASSANDRA-15121
Project: Cassandra
Issue Type: Bug
Reporter: Cisco Talos
Hello, the Cisco Talos team found a security vulnerability affecting Apache Cassandra. An exploitable authentication vulnerability exists in Apache Cassandra, versions 2.1.14 and 3.11.3.
As this is a sensitive security issue, please confirm maintainer for this issue to accept the detailed security advisory report and trigger input files.
For further information about the Cisco Vendor Vulnerability Reporting and Disclosure Policy please refer to this document which also links to our public PGP key. https://tools.cisco.com/security/center/resources/vendor_vulnerability_policy.html
Please CC [vulndev@cisco.com|mailto:vulndev@cisco.com] on all correspondence related to this issue.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org