Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2025/VULN082

_____________________________________________________________________

DATE                : 11/02/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Apache Cassandra versions 4.0.16.

=====================================================================
https://lists.apache.org/thread/q6n9owknd259tm5tcp6l80k1w7wpkvxs
_____________________________________________________________________

CVE-2025-26467: Apache Cassandra: User with MODIFY permission on ALL
KEYSPACES can escalate privileges to superuser via unsafe actions
(4.0.16 only)

Severity: moderate

Affected versions:

- Apache Cassandra 4.0.16


Description:

Privilege Defined With Unsafe Actions vulnerability in Apache
Cassandra. An user with MODIFY permission ON ALL KEYSPACES can
escalate privileges to superuser within a targeted Cassandra cluster
via unsafe actions to a system resource. Operators granting data
MODIFY permission on all keyspaces on affected versions should
review data access rules for potential breaches.

This issue affects Apache Cassandra 3.0.30, 3.11.17, 4.0.16, 4.1.7,
5.0.2, but this advisory is only for 4.0.16 because the fix to
CVE-2025-23015 was incorrectly applied to 4.0.16, so that version
is still affected.

Users in the 4.0 series are recommended to upgrade to version 4.0.17
which fixes the issue. Users from 3.0, 3.11, 4.1 and 5.0 series
should follow recommendation from CVE-2025-23015.


Credit:

Adam Pond of Apple Services Engineering Security (finder)
Ali Mirheidari of Apple Services Engineering Security (finder)
Terry Thibault of Apple Services Engineering Security (finder)
Will Brattain of Apple Services Engineering Security (finder)


References:

https://cassandra.apache.org/
https://www.cve.org/CVERecord?id=CVE-2025-26467


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================