CVE-2023-45860

CVSS 6.5 MEDIUMEPSS 0.5%CWE-89

In Hazelcast Platform through 5.3.4, a security issue exists within the SQL mapping for the CSV File Source connector. This issue arises from inadequate permission checking, which could enable unauthorized clients to access data from files stored on a member's filesystem.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/hazelcast/hazelcast/pull/25348 https://github.com/hazelcast/hazelcast/security/advisories/GHSA-8h4x-xvjp-vf99