
CVE-2022-36437: Critical Vulnerability in Hazelcast and Hazelcast Jet

A critical vulnerability in Hazelcast and Hazelcast Jet allows remote attackers to access and manipulate cluster data. Organizations should prioritize patching to mitigate risks.

Severity: Critical · CVSS 9.1 · Published December 29, 2022


CVE-2022-36437 is a critical vulnerability affecting Hazelcast and Hazelcast Jet, with a CVSS score of 9.1. This vulnerability allows a remote unauthenticated attacker to access and manipulate data in the cluster using the identity of another already authenticated connection. The affected versions of Hazelcast are through 4.0.6, 4.1.9, 4.2.5, 5.0.3, and 5.1.2, while Hazelcast Jet versions affected are through 4.5.3.

Risk to organizations includes potential data compromise and unauthorized manipulation of cluster data. Given the severity and potential impact, organizations should prioritize patching immediately.

At the time of publication there is no known exploit or public proof of concept for this vulnerability, but its critical nature necessitates immediate attention to mitigation strategies.

Organizations should review their configurations and apply the necessary patches to affected versions to safeguard against potential attacks.

Vulnerability Details

The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. That wording is the official CVE description in full; the CVE entry publishes no further detail on the defective code path beyond the list of fixed releases.

The vulnerability is classified under CWE-384 (Session Fixation): a session that one party authenticated, here a cluster connection, ends up usable by a party that never authenticated. The CVSS score of 9.1, categorized as critical, highlights the urgency for organizations to address this vulnerability.

Technical Analysis

The CVE description locates the flaw in the connection handler: a new, unauthenticated connection can be handled under the identity of a connection the cluster has already authenticated, so whatever that connection may read or write, the attacker may read or write too. The CVSS 3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N: the attack is network-based, low complexity, needs no privileges and no user interaction.

Confidentiality and integrity impact are rated high; availability is rated none. Full read and write of cluster data by an unauthenticated network attacker is what drives the 9.1 score and the need for immediate attention from security teams.

Risk & Impact Analysis

Organizations running affected versions of Hazelcast or Hazelcast Jet are exposed to unauthenticated reads and writes of cluster data. The blast radius depends on what the cluster holds: Hazelcast is commonly deployed as a cache and data grid in front of other systems, so cached credentials, session state or business records can be exposed or altered. Given the critical score, treat this as an out-of-cycle patch rather than waiting for the next scheduled cycle.

Although no exploit is public, the vulnerability requires no privileges, no user interaction and no special conditions, so the barrier for an attacker who works backwards from the fix is low. Security teams should prioritize patching and, in the meantime, monitor member connections for unexpected sources.

Exploitation Status

Signal               Status
Known exploit        No
Public PoC           No
Actively exploited   No
Ransomware use       No

Affected Versions

Hazelcast 4.0.x through 4.0.6, 4.1.x through 4.1.9, 4.2.x through 4.2.5, 5.0.x through 5.0.3 and 5.1.x through 5.1.2 are affected; the fix ships in 4.1.10, 4.2.6, 5.0.4 and 5.1.3. No patched 4.0.x release is listed, so 4.0.x deployments must move to one of the fixed branches. For Hazelcast Jet, all versions prior to 4.5.4 are affected and 4.5.4 contains the fix.
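To inventory exposure across many hosts, the following added example (not code from the advisory or from Hazelcast) encodes the version ranges above and classifies jar file names found on disk. The jar-name pattern, the sample inventory and the skipping of `hazelcast-client-*.jar` are assumptions for illustration; versions in branches the advisory does not list (for example 3.x or 5.2+) are reported as NOT LISTED rather than guessed either way.

```python
"""Check Hazelcast and Hazelcast Jet versions against CVE-2022-36437.

Added example, not code from the advisory or from Hazelcast. The version
ranges encode the affected/fixed releases the advisory lists; the jar-name
scanning and the sample inventory are constructed for illustration.
"""
import re

# First patched patch level per Hazelcast branch (major, minor) -> patch.
HAZELCAST_FIXED = {(4, 1): 10, (4, 2): 6, (5, 0): 4, (5, 1): 3}
# 4.0.x is listed as affected (through 4.0.6) with no patched 4.0 release,
# so every 4.0.x install has to move to one of the fixed branches above.
HAZELCAST_UNFIXED_BRANCHES = {(4, 0)}
# Hazelcast Jet: everything before 4.5.4 is affected.
JET_FIRST_FIXED = (4, 5, 4)

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")
# Assumed file naming: hazelcast-<ver>.jar or hazelcast-jet-<ver>.jar,
# optionally with a classifier/qualifier before the .jar suffix.
JAR_RE = re.compile(
    r"^(?P<product>hazelcast(?:-jet)?)-(?P<version>\d+\.\d+\.\d+)[^/]*\.jar$"
)


def parse_version(text):
    """'5.1.2', '5.1.2-SNAPSHOT', 'v4.2.5' -> (5, 1, 2), (5, 1, 2), (4, 2, 5)."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(x) for x in m.groups())


def is_vulnerable(product, version):
    """True/False for versions the advisory covers; None for branches it does
    not mention, which should be checked against the vendor's own release
    notes rather than assumed safe or unsafe."""
    v = parse_version(version)
    branch = v[:2]
    if product == "hazelcast-jet":
        return v < JET_FIRST_FIXED          # tuple comparison: (4,5,3) < (4,5,4)
    if product != "hazelcast":
        raise ValueError(f"unknown product: {product}")
    if branch in HAZELCAST_UNFIXED_BRANCHES:
        return True
    if branch in HAZELCAST_FIXED:
        return v[2] < HAZELCAST_FIXED[branch]
    return None


def scan_jars(jar_names):
    """Map each recognised jar file name to 'VULNERABLE', 'FIXED' or 'NOT LISTED'."""
    labels = {True: "VULNERABLE", False: "FIXED", None: "NOT LISTED"}
    report = {}
    for name in jar_names:
        m = JAR_RE.match(name)
        if not m:   # e.g. hazelcast-client-*.jar or unrelated jars: not matched
            continue
        report[name] = labels[is_vulnerable(m.group("product"), m.group("version"))]
    return report


# Constructed inventory, as one might collect with: find / -name 'hazelcast*.jar'
SAMPLE_JARS = [
    "hazelcast-5.1.2.jar",
    "hazelcast-5.1.3.jar",
    "hazelcast-4.0.6.jar",
    "hazelcast-4.2.6.jar",
    "hazelcast-5.2.0.jar",
    "hazelcast-jet-4.5.3.jar",
    "hazelcast-jet-4.5.4.jar",
    "hazelcast-client-4.2.5.jar",
]

if __name__ == "__main__":
    for name, status in scan_jars(SAMPLE_JARS).items():
        print(f"{status:11} {name}")
```

Feed `scan_jars` the output of a file search across your fleet; anything reported VULNERABLE goes on the patch list, and anything NOT LISTED should be confirmed against the vendor's release notes for that branch.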

Mitigation & Remediation

Patch to a fixed release: Hazelcast 4.1.10, 4.2.6, 5.0.4 or 5.1.3 (or later on the same branch), and Hazelcast Jet 4.5.4 or later. Where patching cannot happen immediately, restrict who can reach the member port (5701 by default, plus any additional client endpoints you have configured) to the cluster's own members and its known client hosts, using host or network firewalls; the flaw is reachable only by a party that can open a TCP connection to a member.

For proactive security, organizations are encouraged to conduct thorough security assessments, such as penetration testing, to identify potential vulnerabilities within their environment.

Detection Guidance

Hazelcast members log each accepted inbound socket connection together with the peer address, so review those entries for sources that are neither cluster members nor known client hosts, and for bursts of connections from a single source or connections arriving outside normal deployment or scaling windows. Correlate such entries with authentication failures and with unexpected changes to cluster data structures, which together may indicate attempted exploitation of this vulnerability.
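As an added example (not from the advisory or from Hazelcast), the following script applies that guidance to member log lines: it flags accepted connections from outside an allowlist of member and client networks, and bursts of connections from one source. The log lines are constructed in the style of Hazelcast member output, and the allowlist, burst threshold and regex are assumptions; the exact message text varies between versions, so adapt `ACCEPT_RE` to what your members actually log.

```python
"""Flag anomalous inbound connections in Hazelcast member logs.

Added example (not from the advisory or the Hazelcast project). The log
lines are constructed in the style of Hazelcast member output; the exact
message text differs between versions, so adjust ACCEPT_RE to match yours.
The allowlist and burst threshold are assumptions for this illustration.
"""
import ipaddress
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed topology: members live in 10.0.0.0/24, clients in 10.0.1.0/24.
ALLOWED_NETWORKS = [ipaddress.ip_network(n) for n in ("10.0.0.0/24", "10.0.1.0/24")]
BURST_LIMIT = 5                         # this many connections from one source
BURST_WINDOW = timedelta(seconds=30)    # inside this window is suspicious

ACCEPT_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}) .*?"
    r"Accepting socket connection from /(?P<ip>[\d.]+):(?P<port>\d+)"
)


def parse_accepts(lines):
    """Yield (timestamp, source_ip) for every accepted-connection line."""
    for line in lines:
        m = ACCEPT_RE.search(line)
        if m:
            ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S,%f")
            yield ts, m.group("ip")


def find_anomalies(lines):
    """Return (kind, source_ip, timestamp) findings in log order."""
    findings = []
    recent = defaultdict(list)   # source ip -> timestamps inside the window
    burst_reported = set()
    for ts, ip in parse_accepts(lines):
        if not any(ipaddress.ip_address(ip) in net for net in ALLOWED_NETWORKS):
            findings.append(("unexpected_source", ip, ts))
        window = recent[ip]
        window.append(ts)
        while window and ts - window[0] > BURST_WINDOW:   # expire old entries
            window.pop(0)
        if len(window) >= BURST_LIMIT and ip not in burst_reported:
            findings.append(("connection_burst", ip, ts))
            burst_reported.add(ip)
    return findings


# Constructed sample: two members, one client, one external address, one
# client host opening five connections in two seconds, and an unrelated line.
P = "[hz.member.IO.thread-in-0] INFO  [10.0.0.11]:5701 [prod] [5.1.2]"
SAMPLE_LOG = [
    f"2022-12-30 10:15:02,113 {P} Accepting socket connection from /10.0.0.12:41320",
    f"2022-12-30 10:15:02,540 {P} Accepting socket connection from /10.0.0.13:41322",
    f"2022-12-30 10:16:10,002 {P} Accepting socket connection from /10.0.1.50:50110",
    f"2022-12-30 10:17:45,781 {P} Accepting socket connection from /203.0.113.9:60001",
    f"2022-12-30 10:18:01,000 {P} Accepting socket connection from /10.0.1.77:40001",
    f"2022-12-30 10:18:01,250 {P} Accepting socket connection from /10.0.1.77:40002",
    f"2022-12-30 10:18:01,500 {P} Accepting socket connection from /10.0.1.77:40003",
    f"2022-12-30 10:18:01,750 {P} Accepting socket connection from /10.0.1.77:40004",
    f"2022-12-30 10:18:02,000 {P} Accepting socket connection from /10.0.1.77:40005",
    f"2022-12-30 10:18:30,000 {P} Connection closed by the other side /10.0.0.12:41320",
]

if __name__ == "__main__":
    for kind, ip, ts in find_anomalies(SAMPLE_LOG):
        print(f"{ts:%Y-%m-%d %H:%M:%S} {kind:18} {ip}")
```

On the sample the external address 203.0.113.9 is reported once as an unexpected source and 10.0.1.77 once as a connection burst; the ordinary member and client connections produce nothing. In production, point the allowlist at your real member and client ranges and feed the script each member's log rather than the constructed sample.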

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2022-36437 is that authentication in distributed data platforms like Hazelcast has to be enforced per connection, not assumed from the state of other connections. This vulnerability is one instance of a broader class of connection-handling flaws in which a freshly opened session inherits a trust decision made for a different one, with severe consequences.

Organizations should leverage insights from this vulnerability to enhance their security posture, including reviewing their authentication and authorization practices.

For further information, organizations can refer to our guides on penetration testing methodology and vulnerability management program design to strengthen their defenses.

By staying informed and proactive, security teams can effectively mitigate the risks associated with vulnerabilities like CVE-2022-36437.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
