CVE-2020-13946: Apache Cassandra RMI Rebind Vulnerability Alert
On September 1, 2020, Apache officially released a risk notice for the Apache Cassandra RMI rebind vulnerability. The vulnerability number is CVE-2020-13946, the vulnerability level is medium, and the vulnerability score is 6.8.
The Apache Cassandra database is the right choice when you need scalability and high availability without compromising performance. Linear scalability and proven fault-tolerance on commodity hardware or cloud infrastructure make it the perfect platform for mission-critical data. Cassandra’s support for replicating across multiple datacenters is best-in-class, providing lower latency for your users and the peace of mind of knowing that you can survive regional outages.
Affected version
- Apache Cassandra 2.1.x: <2.1.22
- Apache Cassandra 2.2.x: <2.2.18
- Apache Cassandra 3.0.x: <3.0.22
- Apache Cassandra 3.11.x: <3.11.8
- Apache Cassandra 4.0-beta1: <4.0-beta2
Unaffected version
- Apache Cassandra 2.1.22
- Apache Cassandra 2.2.18
- Apache Cassandra 3.0.22
- Apache Cassandra 3.11.8
- Apache Cassandra <4.0-beta2