CVE-2023-45859

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-45859
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-45859.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-45859
Aliases
Published
2024-02-28T22:15:26Z
Modified
2024-10-08T00:03:39Z
Summary
[none]
Details

In Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 through 5.1.7, 5.2 through 5.2.4, and 5.3 through 5.3.2, some client operations don't check permissions properly, allowing authenticated users to access data stored in the cluster.

References

Affected packages

Git / github.com/hazelcast/hazelcast

Affected ranges

Type
GIT
Repo
https://github.com/hazelcast/hazelcast
Events
Introduced
966c57c236a7de898824ea9f5a38bfdd5f79995d
Last affected
4508077c2071f97718a765bd7483056f60b398fd
Introduced
a3ae01dcbfa32e3b314047506dadf837d54e8e2a
Last affected
64425c3be4ab416cd3dbaa741d1018b6a8dfe874
Introduced
1e16b359d94195fc4ee11749f5c95ef742438352
Last affected
74bb9d9cbd2d6f996d5692bc805fd969b6907d72
Introduced
1ab727191c858afcfc46cc1641fdf63c5ad761c5
Last affected
d8c0953be2885283ff73d5a3b66f69a66d58ea03
Introduced
ba7949935d4765029611fa6729716825f87621c6
Last affected
eeda08aafe071206d7e1c6765fcffe96d22411fc