Summary: A critical vulnerability (CVE-2024-52577) in Apache Ignite allows remote attackers to execute arbitrary code on vulnerable servers, with a CVSSv4 score of 9.5. The flaw affects versions from 2.6.0 up to but not including 2.17.0 due to improper handling of class serialization filters. Users are strongly advised to upgrade to version 2.17.0 to mitigate potential risks.
Affected: Apache Ignite (versions 2.6.0 to before 2.17.0)
Keypoints :
- Vulnerability severity rated with a CVSSv4 score of 9.5.
- Allows remote code execution, potentially leading to full system compromise.
- Fixed in Apache Ignite version 2.17.0; upgrade is strongly recommended.