CVE-2017-15696
CVE-2017-15696
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 2.0%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
26 Feb 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
When an Apache Geode cluster before v1.4.0 is operating in secure mode, the Geode configuration service does not properly authorize configuration requests. This allows an unprivileged user who gains access to the Geode locator to extract configuration data and previously deployed application code.
Affected products
Apache Software Foundation · Apache GeodeWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →