5.9

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-13946

GHSA ID

GHSA-24ww-mc5x-xc43

EPSS Score

0.66444%

CWE

CWE-668

Published

5/7/2021

Updated

2/1/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-13946

CVE-2020-13946: Man-in-the-middle attack in Apache Cassandra

In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorised operations. Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables this issue to be exploited remotely.

(GitHub Advisory)

5.9

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-13946

GHSA ID

GHSA-24ww-mc5x-xc43

EPSS Score

0.66444%

CWE

CWE-668

Published

5/7/2021

Updated

2/1/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.cassandra:cassandra-all	maven	>= 2.1.0, < 2.1.12	2.1.12
org.apache.cassandra:cassandra-all	maven	>= 2.2.0, < 2.2.18	2.2.18
org.apache.cassandra:cassandra-all	maven	>= 3.0.0, < 3.0.22	3.0.22
org.apache.cassandra:cassandra-all	maven	>= 3.11.0, < 3.11.8	3.11.8
org.apache.cassandra:cassandra-all	maven	= 4.0-beta1	4.0-beta2

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability centers around insecure JMX/RMI registry configuration. Analysis focused on JMX initialization and registry setup functions:

JmxServer.start() is the logical entry point for JMX service initialization where RMI registry creation and security settings would be configured
DatabaseDescriptor.getJmxPort() controls critical network configuration aspects While exact patch details aren't available, the CWE-668 context and MITM attack vector indicate these functions would be modified to:

Add SSLContext configuration
Enforce registry binding to localhost
Validate port assignments Medium confidence stems from matching vulnerability patterns to Cassandra's JMX implementation, though without explicit patch diffs.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

In *p**** **ss*n*r*, *ll v*rsions prior to *.*.**, *.*.**, *.*.**, *.**.* *n* *.*-**t**, it is possi*l* *or * lo**l *tt**k*r wit*out ****ss to t** *p**** **ss*n*r* pro**ss or *on*i*ur*tion *il*s to m*nipul*t* t** RMI r**istry to p*r*orm * m*n-in-t**-

Reasoning

T** vuln*r**ility **nt*rs *roun* ins**ur* JMX/RMI r**istry *on*i*ur*tion. *n*lysis *o*us** on JMX initi*liz*tion *n* r**istry s*tup *un*tions: *. JmxS*rv*r.st*rt() is t** lo*i**l *ntry point *or JMX s*rvi** initi*liz*tion w**r* RMI r**istry *r**tion

5.9

Basic Information

Concerned about an active attack path?

CVE-2020-13946: Man-in-the-middle attack in Apache Cassandra

5.9

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI