VYPR
High severity · NVD Advisory · Published Aug 25, 2025 · Updated Feb 26, 2026

Apache Cassandra: User with MODIFY permission on ALL KEYSPACES can escalate privileges to superuser via unsafe actions (4.0.16 only)

CVE-2025-26467

Description

Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. A user with MODIFY permission ON ALL KEYSPACES can escalate privileges to superuser within a targeted Cassandra cluster via unsafe actions on a system resource. Operators who grant data MODIFY permission on all keyspaces on affected versions should review their data access rules for potential breaches.

This issue affects Apache Cassandra 3.0.30, 3.11.17, 4.0.16, 4.1.7, 5.0.2, but this advisory is only for 4.0.16 because the fix to CVE-2025-23015 was incorrectly applied to 4.0.16, so that version is still affected.

Users in the 4.0 series are recommended to upgrade to version 4.0.17, which fixes the issue. Users of the 3.0, 3.11, 4.1 and 5.0 series should follow the recommendations from CVE-2025-23015.
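One defensive check this advisory implies, added here as an example and not code from the Cassandra project: parse the output of cqlsh's LIST ALL PERMISSIONS and flag roles that hold MODIFY on ALL KEYSPACES on a node running one of the versions the advisory lists. The sample listing, the role names and the assumed cqlsh column layout (role | username | resource | permission, with the root data resource printed as <all keyspaces>) are constructed for this example.

```python
from collections import defaultdict

# Constructed sample in the shape cqlsh prints for LIST ALL PERMISSIONS.
# Role names and grants are made up for this example.
SAMPLE_LISTING = """
 role       | username   | resource            | permission
------------+------------+---------------------+------------
 etl_writer | etl_writer | <all keyspaces>     |     SELECT
 etl_writer | etl_writer | <all keyspaces>     |     MODIFY
 app_user   | app_user   | <keyspace shop>     |     SELECT
 app_user   | app_user   | <keyspace shop>     |     MODIFY
 reporting  | reporting  | <all keyspaces>     |     SELECT
 ops_admin  | ops_admin  | <all keyspaces>     |     MODIFY
 ops_admin  | ops_admin  | <table shop.orders> |       DROP

(7 rows)
"""

ALL_KEYSPACES = "<all keyspaces>"  # assumed cqlsh rendering of the root data resource

# Versions the advisory lists as affected. Only 4.0.16 falls under
# CVE-2025-26467; the other four are handled by CVE-2025-23015.
ADVISORY_FOR_VERSION = {
    "4.0.16": "CVE-2025-26467",
    "3.0.30": "CVE-2025-23015", "3.11.17": "CVE-2025-23015",
    "4.1.7": "CVE-2025-23015", "5.0.2": "CVE-2025-23015",
}

def parse_permissions(listing):
    """Map (role, resource) -> set of permissions from cqlsh-style output."""
    grants = defaultdict(set)
    for line in listing.splitlines():
        cells = [c.strip() for c in line.split("|")]
        # Separator, blank and "(n rows)" lines have no pipes; skip the header too.
        if len(cells) != 4 or cells[0] == "role":
            continue
        role, _username, resource, permission = cells
        grants[(role, resource)].add(permission)
    return grants

def roles_with_modify_on_all_keyspaces(grants):
    """Roles holding MODIFY on the ALL KEYSPACES resource, sorted by name."""
    return sorted(role for (role, resource), perms in grants.items()
                  if resource == ALL_KEYSPACES and "MODIFY" in perms)

def review(version, listing):
    """Findings for a node version: roles to review, tagged with the governing CVE."""
    cve = ADVISORY_FOR_VERSION.get(version)
    if cve is None:
        return []  # not a version the advisory lists as affected
    roles = roles_with_modify_on_all_keyspaces(parse_permissions(listing))
    return [f"{cve}: role {r} has MODIFY on ALL KEYSPACES (Cassandra {version})" for r in roles]

if __name__ == "__main__":
    print("\n".join(review("4.0.16", SAMPLE_LISTING)))
```

A real run would feed the script the captured text of `cqlsh -e 'LIST ALL PERMISSIONS'` together with the node's version; roles it reports are the ones whose grants the advisory says to review before and after the upgrade to 4.0.17.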

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Apache Cassandra 4.0.16 allows users with MODIFY permission on ALL KEYSPACES to escalate to superuser via unsafe actions; upgrade to 4.0.17.

Vulnerability

A privilege escalation vulnerability exists in Apache Cassandra 4.0.16 due to a privilege defined with unsafe actions. A user granted the MODIFY permission on ALL KEYSPACES can perform unsafe actions on a system resource to escalate their privileges to superuser within the cluster [1].

Attack Vector

The attack requires the user to already have the MODIFY permission on all keyspaces, which is typically granted for data management. By leveraging unsafe actions (e.g., modifying internal system resources), the attacker can bypass intended privilege boundaries.

Impact

Successful exploitation gives the attacker superuser privileges over the Cassandra cluster, allowing full control over all keyspaces, data, and configuration. This can lead to data breaches, data loss, or service disruption.

Mitigation

Apache recommends upgrading Cassandra 4.0.16 to version 4.0.17, which includes the correct fix. Users on other affected versions (3.0.30, 3.11.17, 4.1.7, 5.0.2) should follow guidance from CVE-2025-23015 [1].

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: org.apache.cassandra:cassandra-all (Maven)
Affected versions: >= 4.0.16, < 4.0.17
Patched versions: 4.0.17

Affected products (2)

  • Apache/Cassandra (llm-fuzzy)
    Range: =4.0.16
  • Apache Software Foundation/Apache Cassandra (v5)
    Range: 4.0.16

Patches (0)

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References (3)

News mentions (0)

No linked articles in our index yet.