CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-4586

A vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS, possibly resulting in a man-in-the-middle (MITM) attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.7%

CVSS Severity

CVSS v3 Score 7.4

References

https://access.redhat.com/errata/RHSA-2023:7676
https://access.redhat.com/security/cve/CVE-2023-4586
https://bugzilla.redhat.com/show_bug.cgi?id=2235564
https://access.redhat.com/errata/RHSA-2023:7676
https://access.redhat.com/security/cve/CVE-2023-4586
https://bugzilla.redhat.com/show_bug.cgi?id=2235564

Products affected by CVE-2023-4586

Infinispan » Hot Rod » Version: N/A

cpe:2.3:a:infinispan:hot_rod:-
Redhat » Data Grid » Version: 8.0.0

cpe:2.3:a:redhat:data_grid:8.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-4586

Products

Pricing

Contact Us