External risk intelligence

Bitnami Cassandra Container Retained Default Superuser Vulnerability

CVE advisory. Severity: CRITICAL (CVSS 9.8)

CVE-2026-47846

This vulnerability affects a database container (Apache Cassandra). Databases are typically deployed within internal network segments, protected by firewalls, and are not intended to be directly exposed to the public internet. While network-reachable in some environments, public internet exposure for this type of service is uncommon and usually represents a misconfiguration.

External exposure likelihood: Halo Surface Signal 2 out of 5 (less likely to be public-facing).

Horizon Alert

Summary of the vulnerability and why it matters

A vulnerability in Bitnami container images for Cassandra may allow unauthorized access through an unintended default account. This could potentially expose sensitive data or allow malicious actions within the database environment.

  • Unintended default account leaves database exposed.
  • Confirms potential for unauthorized access.
  • Verify relevance and assess exposure.

Attack Path

How an attacker could exploit the issue

An attacker could gain unauthorized access to a Bitnami Cassandra container that has not been properly secured. When a custom administrator account is created at container start, the initialization script may fail to remove the default `cassandra` superuser, leaving its well-known credentials active. This unintended access path could allow an attacker to take full control of the database.

  • Unsecured network access required.
  • Default superuser credentials remain active.
  • Unauthorized database control possible.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability could allow unauthorized access to the Cassandra database when custom administrator accounts are not properly configured. If the default `cassandra` superuser account remains active due to an initialization script error, it presents an unintended access path.

  • Cassandra database access.
  • Unintended default superuser.
  • Unauthorized data access or modification.

Operational Fix

Recommended remediation, mitigation, and detection steps

Application owners and infrastructure or platform teams are likely responsible for addressing this vulnerability in Bitnami Cassandra container images. The first practical step is to identify all deployments of the affected container image, determine their reachability and criticality, and then coordinate remediation with the responsible teams.

  • Application owners should confirm their deployments.
  • Verify if the default superuser account is exposed.
  • Plan updates during scheduled maintenance windows.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is the Bitnami Cassandra container image?

Bitnami provides pre-packaged Apache Cassandra container images used to simplify the deployment of this popular NoSQL database within containerized environments like Kubernetes or Docker. These images include the necessary software stack to run Cassandra, but they rely on initialization scripts to handle setup tasks, such as configuring initial administrator credentials when the container first starts.

What does CWE-798 mean for CVE-2026-47846?

This CVE involves CWE-798, which is the weakness classification for 'Use of Hard-coded Credentials.' In this specific case, the container fails to remove the well-known, default 'cassandra:cassandra' superuser account after a custom administrator is defined. Because this default account persists, it serves as a backdoor, allowing anyone who knows the standard credentials to bypass custom security configurations and gain full control over the database.

How is this Cassandra superuser vulnerability triggered?

The issue is triggered during the container initialization process when a custom administrator is defined via the CASSANDRA_USER environment variable. If the script fails to remove the default account, the vulnerability exists. It is important to note that simply using the image is not the sole trigger; the issue specifically relates to the failure of the cleanup process during the automated setup of a custom user.

Is my Cassandra database likely exposed to this threat?

According to Halo Surface Signal, this vulnerability is classified as unlikely to be directly exposed to the public internet because Cassandra is typically deployed within internal network segments. While it is technically possible for such a database to be reachable over the internet, doing so is uncommon and generally considered a configuration error. Focus your attention on instances where network access controls might be missing.

What should I do if I run Bitnami Cassandra containers?

Begin by auditing your infrastructure to identify all active deployments using the affected Bitnami Cassandra versions. Once identified, check if the default 'cassandra' superuser account is still active in those environments. Consult the official Bitnami security advisory for the specific updated image tags that resolve this script error and coordinate with your team to schedule an update during your next maintenance window.
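The trigger described above (a custom administrator defined via CASSANDRA_USER without the default role being cleaned up) and the audit step in this answer can be checked from the role table itself. The following is an added example, not code from the advisory or from Bitnami: it assumes the rows were fetched with `SELECT role, is_superuser, can_login FROM system_auth.roles;` and converted to dicts (the sample rows are constructed), and it applies Cassandra's documented hardening of disabling or dropping the default role only once another login-capable superuser exists.

```python
"""Audit Cassandra role data for a retained default superuser (CVE-2026-47846 check).

Rows are expected in the shape returned by
  SELECT role, is_superuser, can_login FROM system_auth.roles;
(one dict per row; a driver Row can be converted with ._asdict()).
"""
from dataclasses import dataclass, field

DEFAULT_ROLE = "cassandra"  # the well-known default superuser shipped with Cassandra

# Constructed sample, not real output: a node started with CASSANDRA_USER=appadmin
# where the init-script cleanup did not run, so both superusers can still log in.
SAMPLE_ROLES = [
    {"role": "appadmin", "is_superuser": True, "can_login": True},
    {"role": "cassandra", "is_superuser": True, "can_login": True},
    {"role": "reporting", "is_superuser": False, "can_login": True},
]


@dataclass
class Finding:
    retained_default: bool            # default role still exists and can log in
    custom_admin_ok: bool             # the CASSANDRA_USER role is a login-capable superuser
    other_superusers: list = field(default_factory=list)
    safe_to_disable: bool = False     # another login-capable superuser exists
    remediation: list = field(default_factory=list)


def audit_roles(rows, expected_admin=None):
    """Flag a login-capable default 'cassandra' role and propose the CQL fix."""
    by_name = {r["role"]: r for r in rows}
    default = by_name.get(DEFAULT_ROLE)
    retained = bool(default and default["can_login"])
    others = [n for n, r in by_name.items()
              if n != DEFAULT_ROLE and r["is_superuser"] and r["can_login"]]
    admin_ok = expected_admin in others if expected_admin else bool(others)
    finding = Finding(retained, admin_ok, others, safe_to_disable=retained and bool(others))
    if retained and finding.safe_to_disable:
        # Disable (or drop) the default role only after a replacement superuser is
        # confirmed; otherwise the cluster would be left with no administrator.
        finding.remediation = [
            f"ALTER ROLE {DEFAULT_ROLE} WITH SUPERUSER = false AND LOGIN = false;",
            f"-- or, once nothing depends on it: DROP ROLE {DEFAULT_ROLE};",
        ]
    elif retained:
        finding.remediation = ["-- create a replacement superuser before disabling "
                               f"{DEFAULT_ROLE}, otherwise the cluster becomes unmanageable"]
    return finding
```

A clean result is `retained_default == False` with an empty remediation list; anything else means the default account is still usable and should be scheduled for the fix above.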
