You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Cisco Talos (JIRA)" <ji...@apache.org> on 2019/05/08 15:14:00 UTC

[jira] [Created] (CASSANDRA-15121) Apache Cassandra session reuse vulnerability (TALOS-2019-0828)

Cisco Talos created CASSANDRA-15121:
---------------------------------------

             Summary: Apache Cassandra session reuse vulnerability (TALOS-2019-0828)
                 Key: CASSANDRA-15121
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-15121
             Project: Cassandra
          Issue Type: Bug
            Reporter: Cisco Talos


Hello, the Cisco Talos team found a security vulnerability affecting Apache Cassandra. An exploitable authentication vulnerability exists in Apache Cassandra, versions 2.1.14 and 3.11.3.

As this is a sensitive security issue, please confirm maintainer for this issue to accept the detailed security advisory report and trigger input files.

 

For further information about the Cisco Vendor Vulnerability Reporting and Disclosure Policy please refer to this document which also links to our public PGP key. https://tools.cisco.com/security/center/resources/vendor_vulnerability_policy.html

Please CC [vulndev@cisco.com|mailto:vulndev@cisco.com] on all correspondence related to this issue. 

 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org