Remote code execution vulnerability in Apache Cassandra - CVE-2021-44521 (dpkg)ID: oval:org.secpod.oval:def:78020 | Date: (C)2022-03-08 (M)2023-11-29 |
Class: VULNERABILITY | Family: unix |
The host is installed with Apache Cassandra 3.0.x before 3.0.26, 3.11.x before 3.11.12 or 4.0.x before 4.0.2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle configuration of user defined functions. Successful exploitation allows attacker to execute arbitrary code on the host.