{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-04T03:01:51.488","vulnerabilities":[{"cve":{"id":"CVE-2023-3629","sourceIdentifier":"secalert@redhat.com","published":"2023-12-18T14:15:08.557","lastModified":"2024-11-21T08:17:42.637","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions."},{"lang":"es","value":"Se encontró una falla en REST de Infinispan: los endpoints de recuperación de caché no evalúan adecuadamente los permisos de administrador necesarios para la operación. Este problema podría permitir que un usuario autenticado acceda a información fuera de sus permisos previstos."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-304"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:data_grid:*:*:*:*:*:*:*:*","versionEndExcluding":"8.4.4","matchCriteriaId":"C6401304-B700-4F69-9385-66B7398C55D8"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jboss_data_grid:-:*:*:*:text-only:*:*:*","matchCriteriaId":"2BF03A52-4068-47EA-8846-1E5FB708CE1A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6:*:*:*:*:*:*:*","matchCriteriaId":"68E89E9D-88CA-4BCC-8871-EF4AF913D871"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:infinispan:infinispan:-:*:*:*:*:*:*:*","matchCriteriaId":"F6718434-9048-42D0-8E70-40531CA83A16"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2023:5396","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2023-3629","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2217926","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"https://access.redhat.com/errata/RHSA-2023:5396","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2023-3629","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2217926","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://security.netapp.com/advisory/ntap-20240125-0004/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}