Published: 03/12/2020 Updated: 10/11/2022

CVSS v2 Base Score: 4.9 | Impact Score: 4.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 6.5 | Impact Score: 5.2 | Exploitability Score: 1.2

VMScore: 436

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:P

A flaw was found in infinispan 10 REST API, where authorization permissions are not checked while performing some server management operations. When authz is enabled, any user with authentication can perform operations like shutting down the server without the ADMIN role.

Vulnerable Product	Search on Vulmon	Subscribe to Product
infinispan infinispan
redhat data grid 8.0
netapp active iq unified manager -

Synopsis Moderate: Red Hat Data Grid 811 security update Type/Severity Security Advisory: Moderate Topic A security update for Red Hat Data Grid is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, ...

Multiple vulnerabilities have been found in Hitachi Ops Center Common Services CVE-2020-1695, CVE-2020-1723, CVE-2020-1725, CVE-2020-10770, CVE-2020-14302, CVE-2020-15522, CVE-2020-25711, CVE-2020-27838, CVE-2020-28052, CVE-2020-28491, CVE-2021-3424, CVE-2021-3712, CVE-2021-20195, CVE-2021-20202, CVE-2021-20222, CVE-2021-20262, CVE-2021-21290, C ...

CWE-862 https://bugzilla.redhat.com/show_bug.cgi?id=1897618 https://security.netapp.com/advisory/ntap-20220210-0023/https://access.redhat.com/errata/RHSA-2021:0433 https://nvd.nist.gov https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2021-134/index.html

CVE-2020-25711

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect