← voltar
CVE-2023-45859

CVE-2023-45859

CVSS 7.6 HIGHEPSS 0.5%CWE-922
In Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 through 5.1.7, 5.2 through 5.2.4, and 5.3 through 5.3.2, some client operations don't check permissions properly, allowing authenticated users to access data stored in the cluster.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/hazelcast/hazelcast/pull/25509https://github.com/hazelcast/hazelcast/security/advisories/GHSA-xh6m-7cr7-xx66