Skip to main content

Hazelcast Jet

1 CVEs product

Monthly

CVE-2022-36437 Maven CRITICAL PATCH Act Now

The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Session Fixation Hazelcast Hazelcast Jet
NVD GitHub
CVSS 3.1
9.1
EPSS
1.0%
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Session Fixation Hazelcast +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy