2 matches found
Apache Geode server security bypass vulnerability
Apache Geode is the Apache Software Foundation's suite of management platforms for distributed cloud architectures that provide real-time and consistent access to data for data-intensive applications. A security vulnerability exists in Apache Geode server versions 1.0.0 through 1.8.0. An attacker...
CVE-2017-15695
When an Apache Geode server versions 1.0.0 to 1.4.0 is configured with a security manager, a user with DATA:WRITE privileges is allowed to deploy code by invoking an internal Geode function. This allows remote code execution. Code deployment should be restricted to users with DATA:MANAGE privileg...