{"containers": {"cna": {"affected": [{"product": "Apache Cassandra", "vendor": "n/a", "versions": [{"status": "affected", "version": "All versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2"}]}], "descriptions": [{"lang": "en", "value": "In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorised operations. Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables this issue to be exploited remotely."}], "problemTypes": [{"descriptions": [{"description": "Insufficiently Protected Credentials", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-05-21T08:06:25", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152%40%3Cuser.cassandra.apache.org%3E"}, {"name": "[cassandra-user] 20200901 Re: CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r718e01f61b35409a4f7a3ccbc1cb5136a1558a9f9c2cb8d4ca9be1ce%40%3Cuser.cassandra.apache.org%3E"}, {"name": "[cassandra-user] 20200902 Re: CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r1fd117082b992e7d43c1286e966c285f98aa362e685695d999ff42f7%40%3Cuser.cassandra.apache.org%3E"}, {"name": "[cassandra-user] 20200911 Re: CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rab8d90d28f944d84e4d7852f355a25c89451ae02c2decc4d355a9cfc%40%3Cuser.cassandra.apache.org%3E"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20210521-0005/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2020-13946", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Cassandra", "version": {"version_data": [{"version_value": "All versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorised operations. Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables this issue to be exploited remotely."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Insufficiently Protected Credentials"}]}]}, "references": {"reference_data": [{"name": "https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152%40%3Cuser.cassandra.apache.org%3E", "refsource": "MISC", "url": "https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152%40%3Cuser.cassandra.apache.org%3E"}, {"name": "[cassandra-user] 20200901 Re: CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r718e01f61b35409a4f7a3ccbc1cb5136a1558a9f9c2cb8d4ca9be1ce@%3Cuser.cassandra.apache.org%3E"}, {"name": "[cassandra-user] 20200902 Re: CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r1fd117082b992e7d43c1286e966c285f98aa362e685695d999ff42f7@%3Cuser.cassandra.apache.org%3E"}, {"name": "[cassandra-user] 20200911 Re: CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rab8d90d28f944d84e4d7852f355a25c89451ae02c2decc4d355a9cfc@%3Cuser.cassandra.apache.org%3E"}, {"name": "https://security.netapp.com/advisory/ntap-20210521-0005/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210521-0005/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:32:14.251Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152%40%3Cuser.cassandra.apache.org%3E"}, {"name": "[cassandra-user] 20200901 Re: CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r718e01f61b35409a4f7a3ccbc1cb5136a1558a9f9c2cb8d4ca9be1ce%40%3Cuser.cassandra.apache.org%3E"}, {"name": "[cassandra-user] 20200902 Re: CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r1fd117082b992e7d43c1286e966c285f98aa362e685695d999ff42f7%40%3Cuser.cassandra.apache.org%3E"}, {"name": "[cassandra-user] 20200911 Re: CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rab8d90d28f944d84e4d7852f355a25c89451ae02c2decc4d355a9cfc%40%3Cuser.cassandra.apache.org%3E"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20210521-0005/"}]}]}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2020-13946", "datePublished": "2020-09-01T20:49:32", "dateReserved": "2020-06-08T00:00:00", "dateUpdated": "2024-08-04T12:32:14.251Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:*", "matchCriteriaId": "930123F9-7681-4950-A69A-4B1DB6CFC157", "versionEndExcluding": "2.1.22", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:*", "matchCriteriaId": "53EC5281-8A0B-45A9-8E05-6709516DDFCD", "versionEndExcluding": "2.2.18", "versionStartIncluding": "2.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE85F320-9AD4-48CA-AAD6-D3436E132204", "versionEndExcluding": "3.0.22", "versionStartIncluding": "3.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:*", "matchCriteriaId": "291DAFA7-48C8-43D0-A800-FC0337764EB4", "versionEndExcluding": "3.11.8", "versionStartIncluding": "3.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:cassandra:4.0.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "730AD2BE-5DF1-42C1-934E-B4C4EA4B6BA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:cassandra:4.0.0:alpha2:*:*:*:*:*:*", "matchCriteriaId": "04C093DB-F50C-465D-96DE-02B18EDA4F77", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:cassandra:4.0.0:alpha3:*:*:*:*:*:*", "matchCriteriaId": "A983471D-B99E-4072-9471-CC84645DC76C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:cassandra:4.0.0:alpha4:*:*:*:*:*:*", "matchCriteriaId": "C0F8BC82-2AA3-4892-9541-A3D4EC4B5C80", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:cassandra:4.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "A7B8B2B7-874C-45C7-88B9-CAEF8F12D1EA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorised operations. Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables this issue to be exploited remotely."}, {"lang": "es", "value": "En Apache Cassandra, todas las versiones anteriores a 2.1.22, 2.2.18, 3.0.22, 3.11.8 y 4.0-beta2, es posible a un atacante local sin acceso al proceso de Apache Cassandra o archivos de configuraci\u00f3n manipular el registro RMI para llevar a cabo un ataque de tipo man-in-the-middle y capturar los nombres de usuario y las contrase\u00f1as usadas para acceder a la interfaz JMX. El atacante puede usar estas credenciales para acceder a la interfaz JMX y llevar a cabo operaciones no autorizadas. Los usuarios tambi\u00e9n deben conocer de CVE-2019-2684, una vulnerabilidad de JRE que permite explotar este problema remotamente"}], "id": "CVE-2020-13946", "lastModified": "2024-11-21T05:02:12.400", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-01T21:15:11.833", "references": [{"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r1fd117082b992e7d43c1286e966c285f98aa362e685695d999ff42f7%40%3Cuser.cassandra.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r718e01f61b35409a4f7a3ccbc1cb5136a1558a9f9c2cb8d4ca9be1ce%40%3Cuser.cassandra.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rab8d90d28f944d84e4d7852f355a25c89451ae02c2decc4d355a9cfc%40%3Cuser.cassandra.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152%40%3Cuser.cassandra.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210521-0005/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r1fd117082b992e7d43c1286e966c285f98aa362e685695d999ff42f7%40%3Cuser.cassandra.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r718e01f61b35409a4f7a3ccbc1cb5136a1558a9f9c2cb8d4ca9be1ce%40%3Cuser.cassandra.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rab8d90d28f944d84e4d7852f355a25c89451ae02c2decc4d355a9cfc%40%3Cuser.cassandra.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152%40%3Cuser.cassandra.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210521-0005/"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-668"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2021:0811", "cpe": "cpe:/a:redhat:integration:1", "impact": "low", "package": "cassandra", "product_name": "Red Hat Integration - Camel K - Tech-Preview 3", "release_date": "2021-03-11T00:00:00Z"}], "bugzilla": {"description": "cassandra: allows manipulation of the RMI registry to perform a MITM attack and capture user names and passwords used to access the JMX interface", "id": "1875830", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875830"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-200", "details": ["In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorised operations. Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables this issue to be exploited remotely.", "A flaw was found in cassandra in versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2. A local attacker without access to the Apache Cassandra process or configuration files can manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. A JRE vulnerability (CVE-2019-2684) enables this issue to be exploited remotely. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."], "name": "CVE-2020-13946", "package_state": [{"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Affected", "impact": "low", "package_name": "cassandra", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_operations_network:3", "fix_state": "Out of support scope", "package_name": "cassandra", "product_name": "Red Hat JBoss Operations Network 3"}], "public_date": "2020-09-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-13946\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-13946"], "threat_severity": "Moderate"}