First published: Tue Jun 27 2023(Updated: )
A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Redhat Jboss Data Grid | ||
Redhat Jboss Enterprise Application Platform | =6 | |
Redhat Data Grid | <8.4.4 | |
Infinispan Infinispan | ||
maven/org.infinispan:infinispan-server-rest | <14.0.18.Final | 14.0.18.Final |
maven/org.infinispan:infinispan-server-rest | >=15.0.0.Dev01<15.0.0.Dev04 | 15.0.0.Dev04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.