[
https://issues.apache.org/jira/browse/CASSANDRA-21202?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Semb Wever updated CASSANDRA-21202:
-------------------------------------------
Source Control Link:
https://github.com/apache/cassandra/commit/17c573f800dca4399715aadd61e84a10547a8003
https://github.com/apache/cassandra-dtest/commit/773d044efd91bbbb2a172a6a5159973b578f7d24
https://github.com/apache/cassandra/commit/300c216aa61dee769ed16edce135270f1d0a6
(was:
https://github.com/apache/cassandra/commit/17c573f800dca4399715aadd61e84a10547a8003
https://github.com/apache/cassandra-dtest/commit/773d044efd91bbbb2a172a6a5159973b578f7d24)
> rate-limit role password changes
> --------------------------------
>
> Key: CASSANDRA-21202
> URL: https://issues.apache.org/jira/browse/CASSANDRA-21202
> Project: Apache Cassandra
> Issue Type: Improvement
> Components: Feature/Authorization
> Reporter: Michael Semb Wever
> Assignee: Michael Semb Wever
> Priority: Normal
> Fix For: 4.0.20, 4.1.11, 5.0.7, 6.0-alpha1, 6.0
>
>
> CVE-2026-32588 – https://www.cve.org/CVERecord?id=CVE-2026-32588
> Authenticated DoS over CQL in Apache Cassandra 4.0, 4.1, 5.0 allows
> authenticated user to raise query latencies via repeated password changes.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
