The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.

Apache Cassandra 1.2.0 through 1.2.19、2.0.0 through 2.0.13 和 2.1.0 through 2.1.3 的默认配置将未验证的 JMX/RMI 接口绑定到所有网络接口，这允许远程攻击者通过 RMI 请求执行任意的 Java 代码。

NVD 暂无评分

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）