cvedb.io
CVE-2017-9794
MEDIUM · CVSS 4.3
EPSS exploitation probability: 0%
Published 2017-09-30T01:29:03.053 · Last modified 2026-06-17T01:28:55.690

Summary

When a cluster is operating in secure mode, a user with read privileges for specific data regions can use the gfsh command line utility to execute queries. In Apache Geode before 1.2.1, the query results may contain data from another user's concurrently executing gfsh query, potentially revealing data that the user is not authorized to view.

Affected products

apache — geode

Does this affect you?

Add your gear to cvedb and we'll alert you only when apache ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.