CVE-2017-9796
CVSS v3.0
5.3 (Medium)
CVSS v2.0
3.5 (Low)
EPSS
0.05 % (18th)
Affected Products
1
Advisories
1
When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries containing a region name as a bind parameter that allow read access to objects within unauthorized regions.
Weaknesses
- CWE-200
- Exposure of Sensitive Information to an Unauthorized Actor
- CVE Status
- PUBLISHED
- CNA
- Apache Software Foundation
- Published Date
-
2018-01-10 03:29:00
(6 years ago) - Updated Date
-
2023-11-07 02:50:52
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...