CVE-2017-9794 is a vulnerability in Apache Geode
Published on September 29, 2017

When a cluster is operating in secure mode, a user with read privileges for specific data regions can use the gfsh command line utility to execute queries. In Apache Geode before 1.2.1, the query results may contain data from another user's concurrently executing gfsh query, potentially revealing data that the user is not authorized to view.

NVD

Products Associated with CVE-2017-9794

Want to know whenever a new CVE is published for Apache Geode? stack.watch will email you.

Apache Geode

Affected Versions

Apache Software Foundation Apache Geode:

Version 1.0.0 is affected.
Version 1.1.0 is affected.
Version 1.1.1 is affected.
Version 1.2.0 is affected.

Exploit Probability

EPSS

0.13%

Percentile

32.27%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2017-9794 is a vulnerability in Apache GeodePublished on September 29, 2017

Products Associated with CVE-2017-9794

Affected Versions

Exploit Probability

CVE-2017-9794 is a vulnerability in Apache Geode
Published on September 29, 2017