CVE-2023-3628 Information

Description

A flaw was found in Infinispan’s REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.

Reference

https://access.redhat.com/errata/RHSA-2023:5396 https://access.redhat.com/security/cve/CVE-2023-3628 https://bugzilla.redhat.com/show_bug.cgi?id=2217924