Vulnerabilities > Redhat > Data Grid > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-18 CVE-2023-3628 A flaw was found in Infinispan's REST.
network
low complexity
redhat infinispan
6.5
6.5
2023-12-18 CVE-2023-3629 A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation.
network
low complexity
redhat infinispan
6.5
6.5
2023-12-18 CVE-2023-5236 A flaw was found in Infinispan, which does not detect circular object references when unmarshalling.
network
low complexity
redhat infinispan
6.5
6.5
2021-06-02 CVE-2020-10771 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A flaw was found in Infinispan version 10, where it is possible to perform various actions that could have side effects using GET requests. 		5.8
5.8
2020-12-03 CVE-2020-25711 Missing Authorization vulnerability in multiple products
A flaw was found in infinispan 10 REST API, where authorization permissions are not checked while performing some server management operations.
network
low complexity
infinispan redhat netapp CWE-862
6.5
6.5
2019-10-14 CVE-2019-14838 Improper Privilege Management vulnerability in Redhat products
A flaw was found in wildfly-core before 7.2.5.GA.
network
low complexity
redhat CWE-269
4.0
4.0