Lucene search
K

6 matches found

Veracode
Veracode
added 2024/02/19 7:24 a.m.11 views

Improper Authorization

com.hazelcast:hazelcast is vulnerable to Improper Authorization. The issue exists within the SQL mapping for the CSV File Source connector. The vulnerability is due to inadequate permission checking, allowing unauthorized clients to access data from files stored on a member's filesystem. Attacker...

6.5CVSS6.9AI score0.00528EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2024/02/16 11:14 p.m.16 views

Hazelcast Platform permission checking in CSV File Source connector

Impact In Hazelcast Platform through 5.3.4, a security issue exists within the SQL mapping for the CSV File Source connector. This issue arises from inadequate permission checking, which could enable unauthorized clients to access data from files stored on a member's filesystem. Patches Fix...

6.5CVSS7.5AI score0.00528EPSS
Exploits0References5Affected Software2
NVD
NVD
added 2024/02/16 10:15 a.m.14 views

CVE-2023-45860

In Hazelcast Platform through 5.3.4, a security issue exists within the SQL mapping for the CSV File Source connector. This issue arises from inadequate permission checking, which could enable unauthorized clients to access data from files stored on a member's filesystem...

6.5CVSS6.8AI score0.00528EPSS
Exploits0References2
OSV
OSV
added 2024/02/16 10:15 a.m.7 views

CVE-2023-45860

In Hazelcast Platform through 5.3.4, a security issue exists within the SQL mapping for the CSV File Source connector. This issue arises from inadequate permission checking, which could enable unauthorized clients to access data from files stored on a member's filesystem...

6.5CVSS6.6AI score
Exploits0References2
Prion
Prion
added 2024/02/16 10:15 a.m.13 views

Design/Logic Flaw

In Hazelcast Platform through 5.3.4, a security issue exists within the SQL mapping for the CSV File Source connector. This issue arises from inadequate permission checking, which could enable unauthorized clients to access data from files stored on a member's filesystem...

7.5AI score0.00528EPSS
Exploits0References2
CVE
CVE
added 2024/02/16 12:0 a.m.73 views

CVE-2023-45860

Hazelcast Platform up to 5.3.4 is affected by a permission-checking flaw in the SQL mapping for the CSV File Source connector, potentially enabling unauthorized clients to read files on a member’s filesystem. Root cause: inadequate access checks. Impact: data exposure of local files. Remediation:...

6.5CVSS7AI score0.00528EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder