A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.
History

Fri, 22 Nov 2024 12:00:00 +0000

Type Values Removed Values Added
References

Mon, 16 Sep 2024 14:45:00 +0000

Type Values Removed Values Added
References

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2023-12-18T13:43:07.750Z

Updated: 2024-11-23T01:11:14.506Z

Reserved: 2023-07-11T20:37:22.734Z

Link: CVE-2023-3628

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-12-18T14:15:08.323

Modified: 2024-11-21T08:17:42.490

Link: CVE-2023-3628

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-09-21T00:00:00Z

Links: CVE-2023-3628 - Bugzilla