Miggo Logo
Miggo Vulnerability Database
CVE-2015-0225

CVE-2015-0225:
Improper Neutralization of Special Elements used in a Command in Apache Cassandra

7.5

CVSS Score

Basic Information

CVE ID
CVE-2015-0225
GHSA ID
GHSA-w7f2-gjxf-2gm9
EPSS Score
0.74725%
CWE
CWE-77
Published
5/14/2022
Updated
1/27/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.apache.cassandra:apache-cassandramaven>= 1.2.0, < 2.0.142.0.14
org.apache.cassandra:apache-cassandramaven>= 2.1.0, < 2.1.42.1.4

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from insecure JMX/RMI configuration in Apache Cassandra. The primary entry point for service initialization is CassandraDaemon.start(), which would handle JMX setup. The JMXServerUtils.createJMXServer() is directly responsible for JMX server creation. Both would appear in stack traces during exploitation as they handle the vulnerable JMX initialization. The confidence is high for CassandraDaemon.start() as it's the main service entry point, and medium for JMXServerUtils.createJMXServer() as its involvement is inferred from JMX-related mitigation documentation.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** ****ult *on*i*ur*tion in *p**** **ss*n*r* *.*.* t*rou** *.*.**, *.*.* t*rou** *.*.**, *n* *.*.* t*rou** *.*.* *in*s *n un*ut**nti**t** JMX/RMI int*r**** to *ll n*twork int*r****s, w*i** *llows r*mot* *tt**k*rs to *x**ut* *r*itr*ry J*v* *o** vi* *

Reasoning

T** vuln*r**ility st*ms *rom ins**ur* JMX/RMI *on*i*ur*tion in *p**** **ss*n*r*. T** prim*ry *ntry point *or s*rvi** initi*liz*tion is `**ss*n*r****mon.st*rt()`, w*i** woul* **n*l* JMX s*tup. T** `JMXS*rv*rUtils.*r**t*JMXS*rv*r()` is *ir**tly r*spons