[BUG] Cassandra Unauthenticated

[ashish-shroff-bugb]

Host: 8.215.22.248
Vulnerability Name: Cassandra Unauthenticated Check

Host Information

• IP Address: 8.215.22.248
• Domain: wazuh.com
• Service: Apache Cassandra
• Version: 4.1.7

---

Vulnerability Summary

1. Version Mismatch Warning

• Description: The Cassandra Query Language Shell (cqlsh) was built against version 4.1.4, but the server is running version 4.1.7. This mismatch may lead to compatibility issues, where certain features of cqlsh may not function as expected, potentially affecting the integrity and availability of the service.
• Port: Default Cassandra port is 9042.

Steps to Reproduce

1. Connect to the Cassandra server using cqlsh:

   cqlsh 8.215.22.248

2. Observe the warning message upon connection:

   WARNING: cqlsh was built against 4.1.4, but this server is 4.1.7. All features may not work!
   

3. Verify the server version by executing the following command:

   SELECT release_version FROM system.local;

   • Output:

      release_version
     -----------------
                4.1.7
     (1 rows)
     

CVSS Score Calculation

• Base Score: 5.0
• Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
• Severity: Medium

---

Recommendations

1. Update cqlsh to Match Server Version: Ensure that the version of cqlsh being used is compatible with the server version (4.1.7) to prevent any feature incompatibility and enhance stability.

2. Regularly Monitor and Patch: Implement a routine to regularly check for updates and patches for both the Cassandra server and associated tools like cqlsh to maintain compatibility and security.

---

This report highlights the importance of maintaining version compatibility between tools and services to ensure optimal performance and security. By following the recommendations, the risk associated with this vulnerability can be mitigated effectively.