Back to search
CVE-2017-9796
Published: Jan 10, 2018
Modified: Sep 17, 2024
PUBLISHED
Description
When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries containing a region name as a bind parameter that allow read access to objects within unauthorized regions.
| Vendor | Product | Versions |
|---|---|---|
Apache Software Foundation | Apache Geode | affected 1.0.0 to 1.2.1 |
References
[user] 20180109 [SECURITY] CVE-2017-9796 Apache Geode OQL bind parameter vulnerability
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now