Network misconfigurations

Azure virtual machine allows direct public Apache Cassandra service (client communication) access

Description

By default, Cassandra uses port 9042 for native protocol clients and port 9160 for Cassandra Thrift RPC. These ports, used for client communication, are open on your virtual machine and allow all incoming traffic from the Internet. To follow security best practices and reduce the risk of malicious activity, restrict access to allowed IP addresses only.
  • Recommended Mitigation

    Configure a network rule that allows incoming Apache Cassandra traffic from allowed IP addresses only.
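
One way to check for this misconfiguration, as an added example that is not part of the original page: the script audits a network security group for inbound TCP allow rules that open 9042 or 9160 to any Internet source, evaluating rules in priority order. It assumes the rule JSON shape printed by `az network nsg show`; the function names and the sample rules are constructed for illustration.

```python
CASSANDRA_PORTS = (9042, 9160)            # native protocol clients, Thrift RPC
PUBLIC_SOURCES = {"*", "internet", "0.0.0.0/0"}

def _values(rule, single, plural):
    """Merge the singular and plural forms an NSG rule may use for a field."""
    vals = list(rule.get(plural) or [])
    if rule.get(single):
        vals.append(rule[single])
    return vals

def _covers(spec, port):
    """True if a port spec ('*', '9042' or '9000-9200') includes the port."""
    if spec == "*":
        return True
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)

def exposed_cassandra_ports(nsg):
    """Map each Cassandra port open to any Internet address to the rule allowing it."""
    inbound = sorted((r for r in nsg.get("securityRules", [])
                      if r["direction"].lower() == "inbound"),
                     key=lambda r: r["priority"])
    findings = {}
    for port in CASSANDRA_PORTS:
        for rule in inbound:
            sources = _values(rule, "sourceAddressPrefix", "sourceAddressPrefixes")
            ports = _values(rule, "destinationPortRange", "destinationPortRanges")
            if (rule["protocol"].lower() in ("tcp", "*")
                    and any(s.lower() in PUBLIC_SOURCES for s in sources)
                    and any(_covers(p, port) for p in ports)):
                # Lowest priority number is evaluated first and decides the outcome.
                if rule["access"].lower() == "allow":
                    findings[port] = rule["name"]
                break
    return findings

def _rule(name, priority, access, source, port_range):
    """Build one constructed inbound TCP rule in the assumed JSON shape."""
    return {"name": name, "priority": priority, "direction": "Inbound",
            "access": access, "protocol": "Tcp",
            "sourceAddressPrefix": source, "destinationPortRange": port_range}

# Constructed sample NSG (rule names and addresses are illustrative only).
SAMPLE_NSG = {"securityRules": [
    _rule("allow-app-subnet", 100, "Allow", "203.0.113.0/24", "9042"),
    _rule("deny-thrift-internet", 200, "Deny", "Internet", "9160"),
    _rule("allow-cql-any", 300, "Allow", "*", "9042"),
    _rule("allow-wide-range", 400, "Allow", "0.0.0.0/0", "9000-9200"),
]}
```

Rules with a specific source such as `allow-app-subnet` are the intended end state and are not reported; only rules whose source is any address or the `Internet` tag count as exposure.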