GHSA-2GW6-73WC-X88F Apache Geode information disclosure vulnerability

Apache Geode before 1.1.1, when a cluster has enabled security by setting the security-manager property, allows remote authenticated users with CLUSTER:READ but not DATA:READ permission to access the data browser page in Pulse and consequently execute an OQL query that exposes data stored in the...

Apache Geode Information Disclosure Vulnerability

Geode is a data management platform that provides real-time, consistent access to data-critical applications across the entire cloud architecture. Apache Geode sets the security-manager attribute and fails to set user permissions correctly after enabling clustering, allowing remote attackers to...