5 matches found
CVE-2023-33265
In Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through 5.2.3, executor services don't check client permissions properly, allowing authenticated users to execute tasks on members without the required permissions granted...
am.ik.hazelcast:hazelcast-dns-service-discovery (=1.0.0), br.com.ingenieux:jbake-maven-plugin (>=0.0.3 <=0.0.9) +1377 more potentially affected by CVE-2023-33265 via com.hazelcast:hazelcast (>=1.7 <=5.0.4)
com.hazelcast:hazelcast MAVEN version =1.7, =0.0.3, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =3.1.13, =3.1.485 - ch.mobi.mobitor:mobitor-doc =3.1.13 and more Source cves: CVE-2023-33265 Source advisory: OSV:GHSA-C5VJ-WP4V-MMVX...
cloud.piranha.extension:piranha-extension-hazelcast (>=22.5.0 <=22.11.0), cloud.piranha:debug (>=22.5.0 <=22.11.0) +144 more potentially affected by CVE-2023-33265 via com.hazelcast:hazelcast (>=5.1.1 <=5.1.6)
com.hazelcast:hazelcast MAVEN version =5.1.1, =22.5.0, =22.5.0, =8.1.1, =8.2.0, =5.1.15, =5.1.15, =1.40.0, =0.7.0, =1.1.8, =1.1.8, =1.1.8, =1.1.3, =1.1.8, =1.1.15, =1.1.19 and more Source cves: CVE-2023-33265 Source advisory: OSV:GHSA-C5VJ-WP4V-MMVX...
CVE-2023-33265
creationtimestamp| type| source ---|---|--- 2023-07-18 20:31:04+00:00| seen| https://t.me/cibsecurity/66927...
CVE-2023-33265
Hazelcast vulnerability CVE-2023-33265 affects Hazelcast Platform/IMDG versions 5.0.4 or earlier, 5.1 up to 5.1.6, and 5.2 up to 5.2.3. The root cause is that executor services do not properly enforce client permissions, allowing authenticated users to execute tasks on cluster members without the...