2 matches found
CVE-2017-9794
The CVE-2017-9794 entry describes an information-disclosure flaw in Apache Geode prior to version 1.2.1: when a cluster runs in secure mode, a user with read access to certain data regions can use the gfsh CLI to run queries, and query results may include data from another user’s concurrent gfsh ...
CVE-2017-9797
The vulnerability CVE-2017-9797 affects Apache Geode clusters running versions prior to 1.2.1 in secure mode. An unauthenticated client can enter multi-user authentication mode and send metadata messages, which can disclose information about application data types and enable a denial-of-service a...