Lucene search

PRIOn knowledge basePRION:CVE-2023-3629

HistoryDec 18, 2023 - 2:15 p.m.

Design/Logic Flaw

2023-12-1814:15:00

PRIOn knowledge base

www.prio-n.com

infinispan

rest

cache retrieval

unauthorized access

security flaw

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

24.4%

JSON

A flaw was found in Infinispan’s REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.

CPENameOperatorVersion
data_gridlt8.4.4
jboss_enterprise_application_platformeq6

CPE	Name	Operator	Version
	data_grid	lt	8.4.4
	jboss_enterprise_application_platform	eq	6

References

access.redhat.com/errata/RHSA-2023:5396

access.redhat.com/security/cve/CVE-2023-3629

bugzilla.redhat.com/show_bug.cgi?id=2217926

security.netapp.com/advisory/ntap-20240125-0004/