Maven package
org.apache.cassandra/apache-cassandra
pkg:maven/org.apache.cassandra/apache-cassandra
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-0225 | — | >= 1.2.0, < 2.0.14 | 2.0.14 | Apr 3, 2015 | The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. |
- CVE-2015-0225Apr 3, 2015affected >= 1.2.0, < 2.0.14fixed 2.0.14
The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.