Infinispan: >> Infinispan-Server-Runtime Security Vulnerabilities
A flaw was found in Infinispan (org.infinispan:infinispan-server-runtime) version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to perform all operations on the caches, including the creation, update, deletion, and shutdown of the entire server.
CVSS Score
6.1
EPSS Score
0.0
Published
2020-10-19