VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Infinispan
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2023-12-18
CVE-2023-3628
A flaw was found in Infinispan's REST.
network
low complexity
redhat
infinispan
6.5
6.5
2023-12-18
CVE-2023-3629
A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation.
network
low complexity
redhat
infinispan
6.5
6.5
2023-12-18
CVE-2023-5236
A flaw was found in Infinispan, which does not detect circular object references when unmarshalling.
network
low complexity
redhat
infinispan
6.5
6.5
2023-12-18
CVE-2023-5384
Cleartext Storage of Sensitive Information vulnerability in multiple products
A flaw was found in Infinispan.
network
low complexity
redhat
infinispan
CWE-312
2.7
2.7
2023-10-04
CVE-2023-4586
Improper Certificate Validation vulnerability in multiple products
A vulnerability was found in the Hot Rod client.
network
high complexity
redhat
infinispan
CWE-295
7.4
7.4
2021-09-21
CVE-2021-31917
Improper Authentication vulnerability in multiple products
A flaw was found in Red Hat DataGrid 8.x (8.0.0, 8.0.1, 8.1.0 and 8.1.1) and Infinispan (10.0.0 through 12.0.0).
network
low complexity
redhat
infinispan
CWE-287
critical
9.8
9.8
2021-06-02
CVE-2020-10771
A flaw was found in Infinispan version 10, where it is possible to perform various actions that could have side effects using GET requests.
network
low complexity
infinispan
redhat
netapp
7.1
7.1
2020-12-03
CVE-2020-25711
Missing Authorization vulnerability in multiple products
A flaw was found in infinispan 10 REST API, where authorization permissions are not checked while performing some server management operations.
network
low complexity
infinispan
redhat
netapp
CWE-862
6.5
6.5
2020-10-19
CVE-2020-10746
Unspecified vulnerability in Infinispan Infinispan-Server-Runtime 10.0.0
A flaw was found in Infinispan (org.infinispan:infinispan-server-runtime) version 10, where it permits local access to controls via both REST and HotRod APIs.
local
low complexity
infinispan
6.1
6.1
2020-01-02
CVE-2019-10158
Session Fixation vulnerability in multiple products
A flaw was found in Infinispan through version 9.4.14.Final.
network
low complexity
infinispan
redhat
CWE-384
critical
9.8
9.8
«
1
(current)
2
»
Next