Lucene search
Veracode Vulnerability DatabaseVERACODE:45689HistoryFeb 29, 2024 - 5:38 a.m.
Missing Permission Checks
2024-02-2905:38:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
software vulnerability data access
com.hazelcast:hazelcast is vulnerable to Missing Permission Checks. The vulnerability is due to some client operations not checking permissions properly. This flaw allowing authenticated users to access data stored in the cluster.
References
github.com/hazelcast/hazelcast/commit/1eec447afaff529381e8cf8af07b368b2665883c
github.com/hazelcast/hazelcast/commit/8150451b5148a350f7428882fb2cb13778415547
github.com/hazelcast/hazelcast/commit/e9d9b6dc3e46b147071c97a2d92a496479ef7439
github.com/hazelcast/hazelcast/pull/25509
github.com/hazelcast/hazelcast/security/advisories/GHSA-xh6m-7cr7-xx66
Related
cve
cve
CVE-2023-45859
2024-02-28 22:15:26
cvelist
cvelist
CVE-2023-45859
2024-02-28 00:00:00
nessus
nessus
osv
osv
Missing permission checks on Hazelcast client protocol
2024-02-27 21:54:15
CVE-2023-45859
2024-02-28 22:15:26
nvd
nvd
CVE-2023-45859
2024-02-28 22:15:26
prion
prion
Design/Logic Flaw
2024-02-28 22:15:00
github
github
Missing permission checks on Hazelcast client protocol
2024-02-27 21:54:15