geode-core is vulnerable to information disclosure. If a malicious user gains access to the Geode locator, they are able to access the configuration data and previously deployed code. This is possible because the configuration service doesn’t correctly authorize configuration requests when operating in secure mode.
CPE | Name | Operator | Version |
---|---|---|---|
apache geode | le | 1.3.0 |