Network misconfigurations

Azure virtual machine allows direct access to Apache Cassandra service from the Internet

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

By default, Cassandra uses 7000 for cluster communication (7001 if SSL is enabled), 9042 for native protocol clients, 7199 for JMX, and 9160 for Cassandra Thrift RPC. Those ports are open on your virtual machine and allows all incoming traffic from the Internet. In order to keep security best practices, you should restrict access to be only from allowed IP addresses.

  • Recommended Mitigation

    Configure networking rule to allow incoming Apache Cassandra traffic from allowed IP addresses only.

Need help?

Get a free Security Risk Assessment. Start today

Orca Security Demo Demo the Orca Platform-> In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.