CVE-2016-10558

Name of the Vulnerable Software and Affected Versions aerospike versions prior to 2.4.2

Description The issue concerns the insecure download of binary resources over HTTP, making the module susceptible to man-in-the-middle (MITM) attacks. If an attacker is positioned on the network or between the user and the remote server, they may be able to swap the requested binary with an attacker-controlled binary, potentially leading to remote code execution (RCE).

Recommendations Update to version 2.4.2 or later. As a temporary workaround, consider restricting network access to minimize the risk of exploitation.