- Description
- Systems running the Instaclustr fork of Stratio's Cassandra-Lucene-Index plugin versions 4.0-rc1-1.0.0 through 4.0.16-1.0.0 and 4.1.2-1.0.0 through 4.1.8-1.0.0, installed into Apache Cassandra version 4.x, are susceptible to a vulnerability which, when successfully exploited, could allow authenticated Cassandra users to remotely bypass RBAC and escalate their privileges.
- Source
- security-alert@netapp.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security-alert@netapp.com
- CWE-863
- Hype score
- Not currently trending
🚨 CVE-2025-26511 🔴 HIGH (8.8) 🏢 NetApp - Instaclustr fork of Stratio's Cassandra-Lucene-Index plugin 🏗️ 4.0-rc1-1.0.0 🔗 https://t.co/J8OqrBmVwK #CyberCron #VulnAlert https://t.co/M5061TevPR
@cybercronai
17 Feb 2025
New post from https://t.co/uXvPWJy6tj (CVE-2025-26511 | Instaclustr Cassandra-Lucene-Index plugin up to 4.0.16-1.0.0/4.1.8-1.0.0 RBAC authentication bypass) has been published on https://t.co/bOv1w53FX2
@WolfgangSesin
13 Feb 2025
[CVE-2025-26511: HIGH] Instaclustr's Cassandra-Lucene-Index plugin versions 4.0-rc1-1.0.0 through 4.0.16-1.0.0 and 4.1.2-1.0.0 through 4.1.8-1.0.0 have a serious security vulnerability, enabling users to bypass RBAC. #cybersecurity, #vulnerability https://t.co/Ly98SYGp9H https://t.c
@CveFindCom
13 Feb 2025