How do I know if I'm vulnerable to the flaw found in Apache Cassandra?

I saw a couple articles on SC Media and Threatpost outlining a new vulnerability found in Apache Cassandra - CVE-2021-44521

Do you have any queries that would help me find out if our systems are at risk?


  • Tony
    Tony mod
    edited February 2022
    Hi Ashleigh!

    You can identify resources impacted by CVE-2021-44521 using the following query:

    FIND (Finding|cve) WITH name='CVE-2021-44521' OR cveId='CVE-2021-44521'
       THAT RELATES to * 

  • Hey Ashleigh! Thank you for your question. Here’s an alternative query that also works for cloud service providers: 

    Find DataStore
      with engine = 'cassandra'
      and engineVersion != ('3.0.26' or '3.11.12' or '4.0.2')

This Month's Leaders