A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.
Metrics
Affected Vendors & Products
References
History
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Mon, 16 Sep 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-12-18T13:43:07.750Z
Updated: 2024-11-23T01:11:14.506Z
Reserved: 2023-07-11T20:37:22.734Z
Link: CVE-2023-3628
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-12-18T14:15:08.323
Modified: 2024-11-21T08:17:42.490
Link: CVE-2023-3628
Redhat