Hazelcast is vulnerable to Information Disclosure. The vulnerability exists in the getOrMaskValue
function at ConfigXmlGenerator.java
because the password is not properly masked which allows an attacker to view sensitive information such as the password.
CPE | Name | Operator | Version |
---|---|---|---|
hazelcast | le | 5.3.0-BETA-2 | |
hazelcast | le | 5.3.0-BETA-2 |