Details

The cassandra role has a default password which must be changed.

Rationale:

Failure to change the default password for the cassandra role may pose a risk to the database in the form of unauthorized access.

Solution

Change the password for the cassandra role by issuing the following command:
cqlsh -u cassandra -p cassandra
alter role ‘cassandra’ with password ‘‘;
Where is replaced with the password of your choosing.

Default Value:
cassandra

References:
http://cassandra.apache.org/doc/latest/operating/security.html

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/2309

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

• 800-53|AC-2(9)
• CSCv6|16
• CSCv7|4.3

Source

• Tenable.com/audits