Skip to main content

Management Center

2 CVEs product

Monthly

CVE-2024-56518 CRITICAL Act Now

Hazelcast Management Center through 6.0 allows remote code execution via a JndiLoginModule user.provider.url in a hazelcast-client XML document (aka a client configuration file), which can be. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Management Center
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2019-9697 MEDIUM This Month

An information disclosure vulnerability in the Management Center (MC) REST API 2.0, 2.1, and 2.2 prior to 2.2.2.1 allows a malicious authenticated user to obtain passwords for external backup and CPL. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Management Center
NVD
CVSS 3.0
6.5
EPSS
1.0%
EPSS 2% CVSS 9.8
CRITICAL Act Now

Hazelcast Management Center through 6.0 allows remote code execution via a JndiLoginModule user.provider.url in a hazelcast-client XML document (aka a client configuration file), which can be. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Management Center
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM This Month

An information disclosure vulnerability in the Management Center (MC) REST API 2.0, 2.1, and 2.2 prior to 2.2.2.1 allows a malicious authenticated user to obtain passwords for external backup and CPL. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Management Center
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy