CVE-2023-45859 Information

Description

In Hazelcast through 4.1.10 4.2 through 4.2.8 5.0 through 5.0.5 5.1 through 5.1.7 5.2 through 5.2.4 and 5.3 through 5.3.2 some client operations don’t check permissions properly allowing authenticated users to access data stored in the cluster.

Reference

https://github.com/hazelcast/hazelcast/pull/25509 https://github.com/hazelcast/hazelcast/security/advisories/GHSA-xh6m-7cr7-xx66