← back
CVE-2023-45860

CVE-2023-45860

CVSS 6.5 MEDIUMEPSS 0.5%CWE-89
In Hazelcast Platform through 5.3.4, a security issue exists within the SQL mapping for the CSV File Source connector. This issue arises from inadequate permission checking, which could enable unauthorized clients to access data from files stored on a member's filesystem.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/hazelcast/hazelcast/pull/25348https://github.com/hazelcast/hazelcast/security/advisories/GHSA-8h4x-xvjp-vf99