CVE-2019-10174
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-10174
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the application.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用外部可控制的输入来选择类或代码(不安全的反射)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Red Hat Infinispan 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Red Hat Infinispan是美国红帽(Red Hat)公司的一套分布式缓存和键值NoSQL数据存储软件。 Red Hat Infinispan 10.0.0 Final之前版本中存在安全漏洞。攻击者可利用该漏洞以Infinispan权限调用私有方法。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| [UNKNOWN] | infinispan | 10.0.0.Final | - |
II. Public POCs for CVE-2019-10174
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-10174
请登录查看更多情报信息。
- https://security.netapp.com/advisory/ntap-20220210-0018/x_refsource_CONFIRM
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10174x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2019-10174
IV. Related Vulnerabilities
Same weakness: CWE-470
- CVE-2026-8178
Remote Code Execution via Unsafe Class Loading in Amazon Red - CVE-2026-44339
PraisonAI has unsafe tool resolution in `ToolExecutionMixin. - CVE-2026-42027
Apache OpenNLP: Arbitrary Class Instantiation via Model Mani - CVE-2026-41175
Statamic: Unsafe method invocation via query value resolutio - CVE-2018-25239
Smart VPN 1.1.3.0 Denial of Service via Search
V. Comments for CVE-2019-10174
No comments yet