6.5
CVSSv3

CVE-2023-3628

Published: 18/12/2023 Updated: 25/01/2024
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.

Vulnerable Product

redhat jboss data grid -

redhat jboss enterprise application platform 6

redhat data grid

infinispan infinispan -

Vendor Advisories

Synopsis: Moderate: Red Hat Data Grid 8.4.4 security update. Type/Severity: Security Advisory: Moderate. Topic: An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i ...
Description: A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions. ...