When an Apache Geode server versions 1.0.0 to 1.8.0 is operating in secure mode, a user with write permissions for specific data regions can modify internal cluster metadata. A malicious user could modify this data in a way that affects the operation of the cluster.
References
Configurations
History
07 Nov 2023, 02:40
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2019-06-21 16:15
Updated : 2024-02-28 17:08
NVD link : CVE-2017-15694
Mitre link : CVE-2017-15694
CVE.ORG link : CVE-2017-15694
JSON object : View
Products Affected
apache
- geode
CWE
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')