Back to search
CVE-2016-2141
Published: Jun 30, 2016
Modified: Aug 5, 2024
PUBLISHED
Description
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2016:1347
vendor-advisory
RHSA-2016:2035
vendor-advisory
RHSA-2016:1389
vendor-advisory
RHSA-2016:1345
vendor-advisory
RHSA-2016:1376
vendor-advisory
RHSA-2016:1330
vendor-advisory
RHSA-2016:1439
vendor-advisory
RHSA-2016:1331
vendor-advisory
91481
vdb-entry
RHSA-2016:1434
vendor-advisory
RHSA-2016:1328
vendor-advisory
RHSA-2016:1433
vendor-advisory
RHSA-2016:1374
vendor-advisory
RHSA-2016:1432
vendor-advisory
RHSA-2016:1346
vendor-advisory
RHSA-2016:1334
vendor-advisory
RHSA-2016:1333
vendor-advisory
RHSA-2016:1329
vendor-advisory
RHSA-2016:1332
vendor-advisory
RHSA-2016:1435
vendor-advisory
1036165
vdb-entry
[geode-dev] 20200407 JGroups vulnerabilty
mailing-list
[geode-dev] 20200407 Re: JGroups vulnerabilty
mailing-list
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now