Details
Description
Cassandra permits all users with SELECT on system_auth.roles to read the contents of the salted_hash column. This column holds each role's bcrypt password hash, which should not be visible to non-superusers. This is not a significant security risk at the current time, but hashes captured now can be attacked retrospectively, so this column should be protected so that passwords cannot be cracked in the future.
$ ./bin/cqlsh -u cassandra -p cassandra
[cqlsh 6.3.0 | Cassandra 5.1-SNAPSHOT | CQL spec 3.4.8 | Native protocol v5]
cassandra@cqlsh> CREATE ROLE nonsuperuser WITH LOGIN=true AND PASSWORD='nonsuperuser';
cassandra@cqlsh> GRANT SELECT ON system_auth.roles TO nonsuperuser;
cassandra@cqlsh> exit;

$ ./bin/cqlsh -u nonsuperuser -p nonsuperuser
[cqlsh 6.3.0 | Cassandra 5.1-SNAPSHOT | CQL spec 3.4.8 | Native protocol v5]
nonsuperuser@cqlsh> SELECT * FROM system_auth.roles;

 role         | can_login | is_superuser | member_of | salted_hash
--------------+-----------+--------------+-----------+--------------------------------------------------------------
    cassandra |      True |         True |      null | $2a$10$WMg9UlR7F8Ko7LZxEyg0Ue12BoHR/Dn/0/3YtV4nRYCPcY7/5OmA6
 nonsuperuser |      True |        False |      null | $2a$10$HmHwVZRk8F904UUNMiUYi.xkVglWyKNgHMo1xJsCCKirwyb9NO/im

(2 rows)
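Until a patched build is deployed, the practical mitigation is to ensure no non-superuser role holds SELECT on system_auth.roles, directly or through a broader grant. The CQL below is an added example, not part of the original report: it audits the grants that reach the table (LIST ALL PERMISSIONS walks up to the keyspace and ALL KEYSPACES levels unless NORECURSIVE is given) and revokes the grant from the role created in the reproduction above. The role name nonsuperuser is the one from the transcript; any other role names would come from your own audit output.

```sql
-- Run as a superuser (e.g. the cassandra role) in cqlsh.

-- 1. Audit: every role with a permission that reaches system_auth.roles,
--    including grants made on the keyspace or on ALL KEYSPACES.
LIST ALL PERMISSIONS ON TABLE system_auth.roles;

-- 2. Narrow to grants made directly on the table (no inherited entries).
LIST SELECT PERMISSION ON TABLE system_auth.roles NORECURSIVE;

-- 3. Mitigate: remove the direct grant given to the reproduction role.
--    Repeat for each non-superuser role that step 1 reported; if the grant
--    was made at a higher level, revoke at that level instead, for example:
--    REVOKE SELECT ON KEYSPACE system_auth FROM <role>;
REVOKE SELECT ON TABLE system_auth.roles FROM nonsuperuser;

-- 4. Verify: the role should no longer appear for this table.
LIST ALL PERMISSIONS OF nonsuperuser;
```

Superusers bypass the permission system entirely, so the audit only needs to cover roles with is_superuser = False; LIST ROLES shows that flag for every role. Permissions are cached (see the roles and permissions validity settings in cassandra.yaml), so a revoke can take up to the configured validity period to take effect on a running node.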
Patches available: