CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-3628

A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.9%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2023-3628

Infinispan » Infinispan » Version: N/A

cpe:2.3:a:infinispan:infinispan:-
Redhat » Data Grid » Version: 6.0.0

cpe:2.3:a:redhat:data_grid:6.0.0
Redhat » Data Grid » Version: 7.3.4

cpe:2.3:a:redhat:data_grid:7.3.4
Redhat » Data Grid » Version: 8.0

cpe:2.3:a:redhat:data_grid:8.0
Redhat » Data Grid » Version: 8.0.0

cpe:2.3:a:redhat:data_grid:8.0.0
Redhat » Data Grid » Version: 8.0.1

cpe:2.3:a:redhat:data_grid:8.0.1
Redhat » Data Grid » Version: 8.1.0

cpe:2.3:a:redhat:data_grid:8.1.0
Redhat » Data Grid » Version: 8.1.1

cpe:2.3:a:redhat:data_grid:8.1.1
Redhat » Jboss Data Grid » Version: N/A

cpe:2.3:a:redhat:jboss_data_grid:-
Redhat » Jboss Enterprise Application Platform » Version: 6

cpe:2.3:a:redhat:jboss_enterprise_application_platform:6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-3628

Products

Pricing

Contact Us