Published: 18/12/2023 Updated: 25/01/2024

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. An authenticated attacker with sufficient permissions could insert a maliciously constructed object into the cache and use it to cause out of memory errors and achieve a denial of service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat data grid
redhat jboss data grid -
infinispan infinispan -

Synopsis Moderate: Red Hat Data Grid 844 security update Type/Severity Security Advisory: Moderate Topic An update for Red Hat Data Grid 8 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i ...

DescriptionA flaw was found in Infinispan, which does not detect circular object references when unmarshalling An authenticated attacker with sufficient permissions could insert a maliciously constructed object into the cache and use it to cause out of memory errors and achieve a denial of serviceA flaw was found in Infinispan, which does ...

NVD-CWE-Other https://access.redhat.com/errata/RHSA-2023:5396 https://access.redhat.com/security/cve/CVE-2023-5236 https://bugzilla.redhat.com/show_bug.cgi?id=2240999 https://security.netapp.com/advisory/ntap-20240125-0004/https://access.redhat.com/errata/RHSA-2023:5396 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2023-5236

CVE-2023-5236

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect