CVE-2023-45859

Impact

In Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 through 5.1.7, 5.2 through 5.2.4, and 5.3 through 5.3.2, some client operations don't check permissions properly, allowing authenticated users to access data stored in the cluster.

Patches

Fix versions: 5.2.5, 5.3.5, 5.4.0-BETA-1

Workarounds

There is no known workaround.