It was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints. An attacker could use this vulnerability to read or modify data in the default cache or a known cache name.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2018-07-16T13:00:00

Updated: 2024-08-05T14:02:06.903Z

Reserved: 2016-12-01T00:00:00

Link: CVE-2017-2638

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-07-16T13:29:00.223

Modified: 2024-11-21T03:23:53.103

Link: CVE-2017-2638

cve-icon Redhat

Severity : Moderate

Publid Date: 2017-04-19T00:00:00Z

Links: CVE-2017-2638 - Bugzilla