{"id":"CVE-2026-27314","summary":"Apache Cassandra: Privilege escalation via ADD IDENTITY authorization bypass","details":"Privilege escalation in Apache Cassandra 5.0 on an mTLS environment using MutualTlsAuthenticator allows a user with only CREATE permission to associate their own certificate identity with an arbitrary role,\nincluding a superuser role, and authenticate as that role via ADD IDENTITY.\n\nUsers are recommended to upgrade to version 5.0.7+, which fixes this issue.","aliases":["GHSA-qxpc-96fq-wwmg"],"modified":"2026-07-08T07:48:30.229803115Z","published":"2026-04-07T16:33:44.448Z","database_specific":{"unresolved_ranges":[{"extracted_events":[{"introduced":"5.0"},{"last_affected":"5.0.6"}],"source":"AFFECTED_FIELD"}],"cwe_ids":["CWE-267"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/27xxx/CVE-2026-27314.json","cna_assigner":"apache"},"references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/07/7"},{"type":"WEB","url":"https://repo.maven.apache.org/maven2/"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/27xxx/CVE-2026-27314.json"},{"type":"ADVISORY","url":"https://lists.apache.org/thread/zrng82ddy4rpsmfyk582v6hqxcqrbz7f"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27314"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/cassandra","events":[{"introduced":"186272edca920c757b91bf95c2392bafa1a38d72"},{"fixed":"0269fd5665751e8a6d8eab852e0f66c142b10ee6"}],"database_specific":{"cpe":"cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"5.0.0"},{"fixed":"5.0.7"}],"source":"CPE_RANGE"}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-27314.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}