When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries that allow read and write access to objects within unauthorized regions. In addition a user could invoke methods that allow remote code execution.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2018-01-10T03:00:00Z

Updated: 2024-09-16T22:30:33.662Z

Reserved: 2017-06-21T00:00:00

Link: CVE-2017-9795

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-01-10T03:29:00.237

Modified: 2024-11-21T03:36:52.180

Link: CVE-2017-9795

cve-icon Redhat

No data.