April 19, 2024

Researchers disclosed details of a now-patched high-severity security vulnerability CVE-2021-44521 in Apache Cassandra an open-source NoSQL database software that could be exploited by remote attackers to achieve code execution on affected installations.

Advertisements

Cassandra offers to create user-defined-functions (UDFs) that allow to perform custom processing of data in the database.Java and JavaScript used to write UDFs. Nashorn engine in the Java Runtime Environment (JRE) which is not secure when accepting untrusted code

Researchers discovered that when the configuration for UDFs are enabled, threat actors could leverage the Nashorn engine to escape the sandbox and achieve remote code execution.

Experts noticed that the exploitation is possible when the cassandra.yaml configuration file contains the following definitions:

  • enable_user_defined_functions:
  • trueenable_scripted_user_defined_functions:
  • trueenable_user_defined_functions_threads: false
Advertisements

If the option is set to false, all invoked UDF functions run in the Cassandra daemon thread, which has a security manager with some permissions.

Apache released versions 3.0.26, 3.11.12, and 4.0.2 to address the vulnerability, it adds a new flag “allow_extra_insecure_udfs” that’s set to false by default, it prevents turning off the security manager and blocks access to java.lang.System

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

HashiCorp Critical Vulnerability – CVE-2024-3817

April 18, 2024

Cisco Integrated Management Controller Vulnerabilities

April 18, 2024

Windows Kernel Vulnerability – CVE-2024-21338 PoC Exploit Released

April 17, 2024

Cisco Duo Identify Data Breach

April 17, 2024

Tanium new Automate Feature

April 16, 2024

Patch released CVE-2024-3400 added to KEV Catalog

April 16, 2024

Discover more from TheCyberThrone

Subscribe now to keep reading and get access to the full archive.

Continue reading