Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2021-44521

CWE-94Code InjectionCWE-732Incorrect Permission Assignment6 documents6 sources
Severity
9.1CRITICAL
EPSS
90.6%
top 0.38%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Apache Software Foundation Apache CassandraApache Cassandra
Timeline
PublishedFeb 11
Latest updateFeb 12

Description

When running Apache Cassandra with the following configuration: enable_user_defined_functions: true enable_scripted_user_defined_functions: true enable_user_defined_functions_threads: false it is possible for an attacker to execute arbitrary code on the host. The attacker would need to have enough permissions to create user defined functions in the cluster to be able to exploit this. Note that this configuration is documented as unsafe, and will continue to be considered unsafe after this CVE.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 2.3 | Impact: 6.0

Affected Packages3 packages

NVDapache/cassandra3.0.03.0.26+2
Mavenorg.apache.cassandra:cassandra-all3.11.03.11.12+2
CVEListV5apache_software_foundation/apache_cassandra3.0.0unspecified+5

🔴Vulnerability Details

3
OSV
Apache Cassandra vulnerable to Code Injection due to unsafe configuration2022-02-12
GHSA
Apache Cassandra vulnerable to Code Injection due to unsafe configuration2022-02-12
CVEList
Remote code execution for scripted UDFs2022-02-11

💥Exploits & PoCs

1
Nuclei
Apache Cassandra Load UDF RCE

📋Vendor Advisories

1
Red Hat
cassandra: RCE for scripted UDFs2022-02-11
CVE-2021-44521 (CRITICAL CVSS 9.1) | When running Apache Cassandra with | cvebase.io