Lucene search
MitreCVELIST:CVE-2022-36437HistoryDec 29, 2022 - 12:00 a.m.
CVE-2022-36437
2022-12-2900:00:00
mitre
www.cve.org
1
cve-2022-36437
remote attacker access
data manipulation
unauthenticated access
identity theft
cluster vulnerability
version affected
The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are through 4.0.6, 4.1.9, 4.2.5, 5.0.3, and 5.1.2. The affected Hazelcast Jet versions are through 4.5.3.
Related
redhat
redhat
(RHSA-2023:0661) Critical: Red Hat Fuse 7.11.1.P1 security update for Fuse on EAP
2023-02-08 09:52:07
(RHSA-2023:0483) Critical: Red Hat Fuse 7.11.1.P1 security update
2023-01-26 21:53:56
(RHSA-2023:3954) Critical: Red Hat Fuse 7.12 release and security update
2023-06-29 20:05:32
osv
osv
Apiman Vert.x Gateway has Transitive Hazelcast connection caching issue
2022-12-30 22:13:59
CVE-2022-36437
2022-12-29 23:15:09
Hazelcast connection caching
2022-12-27 14:40:39
veracode
veracode
Information Disclosure
2023-01-10 18:40:32
cve
cve
CVE-2022-36437
2022-12-29 23:15:09
github
github
Hazelcast connection caching
2022-12-27 14:40:39
redhatcve
redhatcve
CVE-2022-36437
2023-01-18 17:05:22
prion
prion
Design/Logic Flaw
2022-12-29 23:15:00
nvd
nvd
CVE-2022-36437
2022-12-29 23:15:09
ibm
ibm