VDB

CISA-2023-45859

CISA-2023-45859 PUBLISHED CVSS 7.6 HIGH

Reported by mitre · Published February 28, 2024

In Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 through 5.1.7, 5.2 through 5.2.4, and 5.3 through 5.3.2, some client operations don't check permissions properly, allowing authenticated users to access data stored in the cluster.

Risk Scores

CVSS 3.1
7.6
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

Affected Products

VendorProductVersions
n/an/an/a
n/an/an/a, n/a

Timeline

  • Feb 28, 2024 CVE Published
  • Nov 29, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›