← Back

Infinispan Server Runtime

infinispan-server-runtime

Vendor: Infinispan • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-10746
1Infinispan
1Infinispan Server Runtime
Nov 21, 2024
Oct 19, 2020
N/A· v4
6.1 MEDIUM· v3
5.6 MEDIUM· v2
A flaw was found in Infinispan (org.infinispan:infinispan-server-runtime) version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to...Show more
A flaw was found in Infinispan (org.infinispan:infinispan-server-runtime) version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to perform all operations on the caches, including the creation, update, deletion, and shutdown of the entire server.Show less