Back to bug 1835922
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Chess Hazlett | 2020-05-14 18:11:43 UTC | CC | security-response-team | |
| Guilherme de Almeida Suckevicz | 2020-05-14 18:24:23 UTC | Summary | EMBARGOED Infinispan: REST and HotRod APIs unsecured locally by default | EMBARGOED CVE-2020-10746 Infinispan: REST and HotRod APIs unsecured locally by default |
| Alias | CVE-2020-10746 | |||
| Chess Hazlett | 2020-05-15 18:19:01 UTC | Blocks | 1821931 | |
| RaTasha Tillery-Smith | 2020-05-19 12:19:35 UTC | Doc Text | A flaw was found in Infinispan, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to perform all operations on the caches, including the creation, update, deletion, and shutdown of the entire server. | |
| Chess Hazlett | 2020-05-21 21:53:48 UTC | CC | drieden, jochrist, jolee, jschatte, jstastny, vhalbert | |
| Chess Hazlett | 2020-05-21 21:54:01 UTC | CC | aboyko, asoldano, atangrin, bbaranow, bmaxwell, brian.stansberry, cdewolf, darran.lofthouse, dkreling, dosoudil, iweiss, jawilson, jperkins, krathod, kwills, lgao, msochure, msvehla, nwallace, pmackay, psotirop, rguimara, rstancel, rsvoboda, smaestri, tom.jenkinson | |
| Chess Hazlett | 2020-05-21 21:54:12 UTC | CC | aileenc, gvarsami, jcoleman, kconner, ldimaggi, rwagner, tcunning, tkirby | |
| Chess Hazlett | 2020-05-21 21:54:26 UTC | CC | ggaughan, gmalinko, janstey | |
| Paramvir jindal | 2020-05-26 07:36:28 UTC | Doc Text | A flaw was found in Infinispan, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to perform all operations on the caches, including the creation, update, deletion, and shutdown of the entire server. | A flaw was found in Infinispan version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to perform all operations on the caches, including the creation, update, deletion, and shutdown of the entire server. |
| Paramvir jindal | 2020-10-19 13:13:56 UTC | Group | security, qe_staff | |
| CC | eleandro | |||
| Summary | EMBARGOED CVE-2020-10746 Infinispan: REST and HotRod APIs unsecured locally by default | CVE-2020-10746 Infinispan: REST and HotRod APIs unsecured locally by default | ||
| Paramvir jindal | 2020-10-19 13:20:46 UTC | Fixed In Version | Infinispan 11.0.0 | |
| PnT Account Manager | 2020-10-20 21:10:53 UTC | CC | vhalbert | |
| Red Hat Bugzilla | 2021-10-15 11:51:08 UTC | Doc Text | A flaw was found in Infinispan version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to perform all operations on the caches, including the creation, update | A flaw was found in Infinispan (org.infinispan:infinispan-server-runtime) version 10 |
| Doc Text | , deletion, and shutdown of the entire server. | , where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to perform all operations on the caches, including the creation, update, deletion, and shutdown of the entire server. | ||
| CC | kconner | |||
| Red Hat Bugzilla | 2022-04-19 04:38:55 UTC | CC | ggaughan | |
| Red Hat Bugzilla | 2022-10-28 13:13:00 UTC | CC | krathod | |
| Red Hat Bugzilla | 2022-11-14 23:22:41 UTC | CC | jstastny | |
| Red Hat Bugzilla | 2022-12-31 23:43:16 UTC | CC | aboyko | |
| Red Hat Bugzilla | 2023-05-15 18:09:21 UTC | CC | drieden | |
| Red Hat Bugzilla | 2023-05-15 19:52:11 UTC | CC | atangrin | |
| Red Hat Bugzilla | 2023-05-31 23:39:21 UTC | CC | tkirby | |
| Red Hat Bugzilla | 2023-07-07 08:30:04 UTC | CC | security-response-team | |
| Assignee | security-response-team | nobody |
Back to bug 1835922