CVE-2023-33265

Published: Jul 18, 2023
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-33265" target="_blank" rel="noopener"> CVE-2023-33265
GHSA: <a href="https://github.com/advisories/GHSA-c5vj-wp4v-mmvx" target="_blank" rel="noopener"> GHSA-c5vj-wp4v-mmvx
Severity: High
Exploit:

In Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through 5.2.3, executor services don't check client permissions properly, allowing authenticated users to execute tasks on members without the required permissions granted.

CVSS v3:

CWEs: