Bug 2390786 (CVE-2025-26467)
| Summary: | CVE-2025-26467 org.apache.cassandra:cassandra-all: Apache Cassandra: User with MODIFY permission on ALL KEYSPACES can escalate privileges to superuser via unsafe actions (4.0.16 only) | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | asoldano, bbaranow, bmaxwell, brian.stansberry, darran.lofthouse, dkreling, dosoudil, fjuma, gmalinko, istudens, ivassile, iweiss, janstey, mosmerov, msochure, msvehla, nwallace, pdelbell, pesilva, pjindal, pmackay, rstancel, rstepani, smaestri, tom.jenkinson |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A Privilege Defined With Unsafe Actions vulnerability exists in Apache Cassandra. In affected versions, a user with MODIFY permission on all keyspaces can exploit unsafe operations against certain system resources to escalate privileges and gain superuser access within the Cassandra cluster. This escalation is possible because granting MODIFY at the global keyspace level inadvertently extends to sensitive resources, allowing abuse beyond the intended scope of data modification privileges.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2025-08-25 15:01:46 UTC
|