Description
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to join a target cluster via providing configuration information.
Remediation
References
https://docs.google.com/presentation/d/1W5KU7ffh4dheR8iD54ulABImi6byAhSI-OhEKw2adRo/edit?usp=sharing
Related Vulnerabilities
CVE-2022-2422 Vulnerability in npm package feathers-sequelize
CVE-2020-11002 Vulnerability in maven package io.dropwizard:dropwizard-validation
CVE-2021-23463 Vulnerability in maven package com.h2database:h2
CVE-2016-10599 Vulnerability in npm package sauce-connect
CVE-2018-1000854 Vulnerability in maven package org.esigate:esigate-core