cvedb.io
CVE-2017-7686
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2017-06-28T13:29:00.217 · Last modified 2026-06-17T01:24:59.100

Summary

Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server (http://ignite.run) where it needs to send some system properties like Apache Ignite or Java version. Some of the properties might contain user sensitive information.

Affected products

apache — ignite

Does this affect you?

Add your gear to cvedb and we'll alert you only when apache ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.