Описание
In Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 through 5.1.7, 5.2 through 5.2.4, and 5.3 through 5.3.2, some client operations don't check permissions properly, allowing authenticated users to access data stored in the cluster.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| hazelcast | itp | package |
EPSS
Процентиль: 39%
0.0017
Низкий
Связанные уязвимости
CVSS3: 7.6
nvd
почти 2 года назад
In Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 through 5.1.7, 5.2 through 5.2.4, and 5.3 through 5.3.2, some client operations don't check permissions properly, allowing authenticated users to access data stored in the cluster.
CVSS3: 7.6
github
почти 2 года назад
Missing permission checks on Hazelcast client protocol
EPSS
Процентиль: 39%
0.0017
Низкий