1 results (0.003 seconds)
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-10746 – Infinispan: REST and HotRod APIs unsecured locally by default
https://notcve.org/view.php?id=CVE-2020-10746
19 Oct 2020 — A flaw was found in Infinispan (org.infinispan:infinispan-server-runtime) version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to perform all operations on the caches, including the creation, update, deletion, and shutdown of the entire server. Se encontró un fallo en la versión 10 de Infinispan (org.infinispan:infinispan-server-runtime), que permite el acceso local a los controles a través de las API REST y HotRod. E... • https://bugzilla.redhat.com/show_bug.cgi?id=1835922 • CWE-862: Missing Authorization •