Ce mail provient de l'extérieur, restons vigilants ===================================================================== CERT-Renater Note d'Information No. 2026/VULN364 _____________________________________________________________________ DATE : 08/04/2026 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Apache Cassandra versions prior to 5.0.7+, 4.1.11, 4.0.20. ===================================================================== https://lists.apache.org/thread/2j694chfc5dhxs0gh986tf696zdwbh1n https://lists.apache.org/thread/2op2skhphcq1w3z092v59nv0r1jjowt7 https://lists.apache.org/thread/9rg8llnj4o1rhch67rb2b2sobrwp5q0w _____________________________________________________________________ CVE-2026-27314: Apache Cassandra: Privilege escalation via ADD IDENTITY authorization bypass Severity: low Affected versions: - Apache Cassandra (org.apache.cassandra:cassandra-all) 5.0 through 5.0.6 Description: Privilege escalation in Apache Cassandra 5.0 on an mTLS environment using MutualTlsAuthenticator allows a user with only CREATE permission to associate their own certificate identity with an arbitrary role, including a superuser role, and authenticate as that role via ADD IDENTITY. Users are recommended to upgrade to version 5.0.7+, which fixes this issue. This issue is being tracked as CASSANDRA-21219 Credit: Sho Odagiri, GMO Cybersecurity by Ierae, Inc. (reporter) References: https://cassandra.apache.org/ https://www.cve.org/CVERecord?id=CVE-2026-27314 https://issues.apache.org/jira/browse/CASSANDRA-21219 _____________________________________________________________________ CVE-2026-27315: Apache Cassandra: cqlsh history sensitive information leak Severity: low Affected versions: - Apache Cassandra (apache-cassandra) 4.0 through 4.0.19 Description: Sensitive Information Leak in cqlsh in Apache Cassandra 4.0 allows access to sensitive information, like passwords, from previously executed cqlsh command via ~/.cassandra/cqlsh_history local file access. Users are recommended to upgrade to version 4.0.20, which fixes this issue. However, cqlsh does not redact sensitive information when saving command history. This means that if a user executes operations involving passwords (such as logging in or creating users) within cqlsh, these passwords are permanently stored in cleartext in the history file on the disk. This issue is being tracked as CASSANDRA-21180 Credit: Youlong Chen, Institute of Computing Technology, Chinese Academy of Sciences (reporter) References: https://issues.apache.org/jira/browse/CASSANDRA-21180 https://cassandra.apache.org/ https://www.cve.org/CVERecord?id=CVE-2026-27315 https://issues.apache.org/jira/browse/CASSANDRA-21180 _____________________________________________________________________ CASSANDRA-21202: CVE-2026-32588: Apache Cassandra: Authenticated DoS via ALTER ROLE Password Hashing Severity: low Affected versions: - Apache Cassandra (org.apache.cassandra:cassandra-all) 4.0 through 4.0.19 - Apache Cassandra (org.apache.cassandra:cassandra-all) 4.1 through 4.1.10 - Apache Cassandra (org.apache.cassandra:cassandra-all) 5.0 through 5.0.6 Description: Authenticated DoS over CQL in Apache Cassandra 4.0, 4.1, 5.0 allows authenticated user to raise query latencies via repeated password changes. Users are recommended to upgrade to version 4.0.20, 4.1.11, 5.0.7, which fixes this issue. Credit: Youlong Chen, Institute of Computing Technology, Chinese Academy of Sciences (reporter) References: https://cassandra.apache.org/ https://www.cve.org/CVERecord?id=CVE-2026-32588 ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================