Apache Geode Cluster Unauthorized Read Access Vulnerability
CVE-2017-9796 · LOW Severity
AV:N/AC:M/AU:S/C:P/I:N/A:N
When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries containing a region name as a bind parameter that allow read access to objects within unauthorized regions.
Learn more about our Cis Benchmark Audit For Apache Http Server.