Improper Privilege Management
Privilege escalation when enabling FQL/Audit logs allows users with JMX access to run arbitrary commands as the user running Apache Cassandra. This issue affects Apache Cassandra versions 4.0-alpha1 through 4.0.9 and 4.1-alpha1 through 4.1.1. Workaround: the vulnerability requires nodetool/JMX access to be exploitable, so disable that access for any non-trusted users. Mitigation: upgrade to a fixed version and leave the new FQL/Auditlog configuration property "allow_nodetool_archive_command" set to false.
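An added check (not part of the advisory or of the Cassandra project) that flags a node as exposed if it runs one of the affected releases above, or runs a fixed release but has "allow_nodetool_archive_command" turned back on. The cassandra.yaml sample is constructed, and the section names full_query_logging_options / audit_logging_options are assumed to be where the property lives.

```python
import re

# Affected lines from the advisory: 4.0-alpha1..4.0.9 and 4.1-alpha1..4.1.1
AFFECTED = {"4.0": (0, 9), "4.1": (0, 1)}   # minor line -> (min, max) affected patch
SECTIONS = ("full_query_logging_options", "audit_logging_options")  # assumed section names

# Constructed sample of the relevant cassandra.yaml fragment
SAMPLE_YAML = """\
cluster_name: 'Test Cluster'
full_query_logging_options:
    log_dir: /var/log/cassandra/fql
    # re-enabling this lets any nodetool/JMX user run commands as the cassandra user
    allow_nodetool_archive_command: true
audit_logging_options:
    enabled: false
    allow_nodetool_archive_command: false
"""

def version_affected(version):
    """True if the release falls inside an affected range; pre-releases
    (alpha/beta/rc) and a bare 'x.y' are treated as patch level 0."""
    m = re.fullmatch(r"(\d+\.\d+)(?:\.(\d+))?(?:-(alpha|beta|rc)\d*)?", version)
    if not m:
        raise ValueError(f"unrecognised version string: {version}")
    line, patch = m.group(1), int(m.group(2) or 0)
    if line not in AFFECTED:
        return False
    lo, hi = AFFECTED[line]
    return lo <= patch <= hi

def archive_command_allowed(yaml_text):
    """Return the logging sections whose allow_nodetool_archive_command is not false.
    Minimal two-level parser so it runs without PyYAML; a missing key means the
    fixed default (false) applies."""
    section, found = None, {}
    for raw in yaml_text.splitlines():
        line = raw.split("#", 1)[0].rstrip()          # drop comments
        if not line.strip():
            continue
        if not line[0].isspace():                      # top-level key starts a section
            section = line.split(":", 1)[0].strip()
            continue
        key, _, value = line.strip().partition(":")
        if section in SECTIONS and key == "allow_nodetool_archive_command":
            found[section] = value.strip().lower()
    return [s for s in SECTIONS if found.get(s, "false") != "false"]

def node_exposed(version, yaml_text):
    """Exposed if on an affected release, or on a fixed release with the
    archive command re-enabled in any logging section."""
    return version_affected(version) or bool(archive_command_allowed(yaml_text))
```

Pair this with confirming that JMX/nodetool access is restricted to trusted users, since that access is what makes the issue exploitable.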
CWE-269 - Improper Privilege Management
An effective privilege management infrastructure gives valid users the access and privileges they require across heterogeneous technology environments. An application with a faulty privilege management infrastructure grants higher-than-authorized privileges or enables privilege escalation. This can lead to security incidents such as system infiltration, data breach, and complete system takeover.