Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ApacheGeode

3 matches found

CVE
CVEadded 2018/02/27 3:29 p.m.102 views

CVE-2017-15693

In Apache Geode before v1.4.0, the Geode server stores application objects in serialized form. Certain cluster operations and API invocations cause these objects to be deserialized. A user with DATA:WRITE access to the cluster may be able to cause remote code execution if certain classes are presen...

7.5CVSS7.8AI score0.017EPSS
CVE
CVEadded 2018/02/27 3:29 p.m.67 views

CVE-2017-15692

In Apache Geode before v1.4.0, the TcpServer within the Geode locator opens a network port that deserializes data. If an unprivileged user gains access to the Geode locator, they may be able to cause remote code execution if certain classes are present on the classpath.

9.8CVSS9.6AI score0.04594EPSS
CVE
CVEadded 2018/02/26 2:29 a.m.60 views

CVE-2017-15696

When an Apache Geode cluster before v1.4.0 is operating in secure mode, the Geode configuration service does not properly authorize configuration requests. This allows an unprivileged user who gains access to the Geode locator to extract configuration data and previously deployed application code.

7.5CVSS7.4AI score0.00641EPSS