Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-54429 | Hazelcast Management Center through 6.0 allows remote code execution via a JndiLoginModule user.provider.url in a hazelcast-client XML document (aka a client configuration file), which can be uploaded at the /cluster-connections URI. |
Mon, 07 Jul 2025 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Hazelcast
Hazelcast management Center |
|
| CPEs | cpe:2.3:a:hazelcast:management_center:*:*:*:*:-:*:*:* | |
| Vendors & Products |
Hazelcast
Hazelcast management Center |
Tue, 22 Apr 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-94 | |
| Metrics |
cvssV3_1
|
Thu, 17 Apr 2025 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Hazelcast Management Center through 6.0 allows remote code execution via a JndiLoginModule user.provider.url in a hazelcast-client XML document (aka a client configuration file), which can be uploaded at the /cluster-connections URI. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-04-22T14:34:31.303Z
Reserved: 2024-12-27T00:00:00.000Z
Link: CVE-2024-56518
Vulnrichment
Updated: 2025-04-22T14:34:21.627Z
NVD
Status : Analyzed
Published: 2025-04-17T16:15:27.900
Modified: 2025-07-07T18:18:01.627
Link: CVE-2024-56518
Redhat
No data.
OpenCVE Enrichment
No data.