CVE-2017-5649 is a vulnerability in Apache Geode
Published on April 4, 2017

Apache Geode before 1.1.1, when a cluster has enabled security by setting the security-manager property, allows remote authenticated users with CLUSTER:READ but not DATA:READ permission to access the data browser page in Pulse and consequently execute an OQL query that exposes data stored in the cluster.

NVD

Products Associated with CVE-2017-5649

Want to know whenever a new CVE is published for Apache Geode? stack.watch will email you.

Apache Geode

Affected Versions

Apache Software Foundation Apache Geode Version 1.1.0 is affected by CVE-2017-5649

Exploit Probability

EPSS

0.07%

Percentile

22.15%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2017-5649 is a vulnerability in Apache GeodePublished on April 4, 2017

Products Associated with CVE-2017-5649

Affected Versions

Exploit Probability

CVE-2017-5649 is a vulnerability in Apache Geode
Published on April 4, 2017