Description Guilherme de Almeida Suckevicz
2021-02-02 13:43:06 UTC
When using the ‘dc’ or ‘rack’ internode_encryption setting, a Cassandra instance allows both encrypted and unencrypted connections. A misconfigured node or a malicious user can use the unencrypted connection despite not being in the same rack or dc, and bypass the mutual TLS requirement.
Reference:
https://www.openwall.com/lists/oss-security/2021/02/02/1
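
A configuration check for the setting described above, as an added example that is not part of the original report or of Cassandra's own tooling: it reads the `internode_encryption` value under `server_encryption_options` in a `cassandra.yaml` and flags `dc` and `rack`. The function names are hypothetical and the sample configurations are constructed.

```python
import re

# Settings the report describes: both leave an unencrypted internode path open.
MIXED_MODES = {"dc", "rack"}

def internode_encryption(yaml_text):
    """Return internode_encryption from server_encryption_options, or None.

    Minimal line scanner for this one key, not a general YAML parser.
    """
    in_block = False
    for raw in yaml_text.splitlines():
        line = raw.split("#", 1)[0].rstrip()  # drop comments
        if not line.strip():
            continue
        if re.match(r"server_encryption_options\s*:", line):
            in_block = True
        elif in_block and not line[0].isspace():
            in_block = False  # next top-level key ends the block
        elif in_block:
            m = re.match(r"\s+internode_encryption\s*:\s*(\S+)", line)
            if m:
                return m.group(1).strip("'\"").lower()
    return None

def audit(yaml_text):
    """Classify a cassandra.yaml as OK, WARN or FAIL for internode TLS."""
    value = internode_encryption(yaml_text)
    if value in MIXED_MODES:
        return "FAIL", f"'{value}' accepts encrypted and unencrypted internode connections"
    if value == "all":
        return "OK", "internode_encryption is 'all'"
    return "WARN", f"internode encryption not enforced (value: {value})"

# Constructed sample configurations, not taken from a real cluster.
SAMPLE_MIXED = """\
cluster_name: 'Test Cluster'
server_encryption_options:
    internode_encryption: dc   # encrypt only across datacenters
    require_client_auth: true
client_encryption_options:
    enabled: false
"""
SAMPLE_ALL = SAMPLE_MIXED.replace("internode_encryption: dc", "internode_encryption: all")

if __name__ == "__main__":
    for name, text in (("mixed", SAMPLE_MIXED), ("all", SAMPLE_ALL)):
        print(name, *audit(text))
```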
Comment 1 Product Security DevOps Team
2021-02-03 08:41:39 UTC