FlagThis

Multiple critical vulnerabilities have been discovered in Apache Cassandra, raising concerns about unauthorized access, privilege escalation, and potential theft of JMX credentials. These flaws, identified as CVE-2024-27137, CVE-2025-24860, and CVE-2025-23015, impact a wide range of Cassandra versions, potentially exposing sensitive data to malicious actors. Organizations relying on the open-source NoSQL database are urged to take immediate action.

The most alarming vulnerability, CVE-2025-24860, allows attackers to bypass network authorization controls. Specifically, it affects the CassandraNetworkAuthorizer and CassandraCIDRAuthorizer, granting unauthorized access to different network regions. This issue impacts Apache Cassandra versions 4.0.0 through 4.0.15, 4.1.0 through 4.1.7 for CassandraNetworkAuthorizer, and from 5.0.0 through 5.0.2 for both CassandraNetworkAuthorizer and CassandraCIDRAuthorizer. Users with restricted data center access can even escalate their own permissions through Data Control Language (DCL) statements on affected versions. Operators are advised to review data access rules and upgrade to versions 4.0.16, 4.1.8, 5.0.3, which address the issue.

ImgSrc: securityonline.info

References:

• buherator's timeline - Apache Cassandra vulnerabilities: CVE-2024-27137: Unrestricted deserialization of JMX authentic... - 15d
• Open Source Security - CVE-2025-24860: Apache Cassandra: CassandraNetworkAuthorizer and CassandraCIDRAuthorizer can be bypassed allowing access to different network regions - 15d
• Vulnerability Archives ? Cybersecurity News - Security Flaws Discovered in Apache Cassandra: Unauthorized Access, Privilege Escalation, and JMX Credential Theft - 15d

Classification:

• HashTags: ApacheCassandra Vulnerability Security
• Company: Apache
• Target: Apache Cassandra users
• Product: Apache Cassandra
• Feature: Authorization, JMX, Network
• Type: Vulnerability
• Severity: Critical