5 matches found
CVE-2024-56518
Hazelcast Management Center through 6.0 allows remote code execution via a JndiLoginModule user.provider.url in a hazelcast-client XML document aka a client configuration file, which can be uploaded at the /cluster-connections URI...
CVE-2024-56518
Hazelcast Management Center through 6.0 allows remote code execution via a JndiLoginModule user.provider.url in a hazelcast-client XML document aka a client configuration file, which can be uploaded at the /cluster-connections URI...
CVE-2024-56518
Hazelcast Management Center through 6.0 allows remote code execution via a JndiLoginModule user.provider.url in a hazelcast-client XML document aka a client configuration file, which can be uploaded at the /cluster-connections URI...
CVE-2024-56518
Hazelcast Management Center through 6.0 allows remote code execution via a JndiLoginModule user.provider.url in a hazelcast-client XML document aka a client configuration file, which can be uploaded at the /cluster-connections URI...
CVE-2024-56518
Hazelcast Management Center (up to version 6.0) is affected by CVE-2024-56518. The vulnerability arises from a JndiLoginModule configuration: an attacker can place a hazelcast-client XML document at the /cluster-connections endpoint containing user.provider.url, enabling remote code execution. Th...