Vulnerabilities

CVE-2023-45859

by Fred · 28/02/2024

In Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 through 5.1.7, 5.2 through 5.2.4, and 5.3 through 5.3.2, some client operations don’t check permissions properly, allowing authenticated users to access data stored in the cluster.

Date published : 2024-02-28

https://github.com/hazelcast/hazelcast/pull/25509

https://github.com/hazelcast/hazelcast/security/advisories/GHSA-xh6m-7cr7-xx66

Similar

Tags: Cybersecurity Alert