Infinispan: >> Infinispan Security Vulnerabilities
It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the client, and possibly conduct further attacks.
CVSS Score
8.8
EPSS Score
0.043
Published
2018-02-15
Page 2