CVE-2017-15694
First published: Fri Jun 21 2019(Updated: )
When an Apache Geode server versions 1.0.0 to 1.8.0 is operating in secure mode, a user with write permissions for specific data regions can modify internal cluster metadata. A malicious user could modify this data in a way that affects the operation of the cluster.
Credit: security@apache.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache Geode | >=1.0.0<=1.8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2017-15694?
CVE-2017-15694 is a vulnerability in Apache Geode server versions 1.0.0 to 1.8.0 that allows a user to modify internal cluster metadata when operating in secure mode.
What is the severity of CVE-2017-15694?
CVE-2017-15694 has a severity rating of 6.5, which is considered medium.
How does CVE-2017-15694 affect Apache Geode server?
CVE-2017-15694 allows a user with write permissions for specific data regions to modify internal cluster metadata, potentially affecting the operation of the cluster.
What software versions are affected by CVE-2017-15694?
Apache Geode server versions 1.0.0 to 1.8.0 are affected by CVE-2017-15694.
How can CVE-2017-15694 be fixed?
There is currently no known fix for CVE-2017-15694. It is recommended to update to a version of Apache Geode server that is not affected by this vulnerability when it becomes available.
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/apache
- canonical/apache geode
- version/apache geode/1.0.0
- version/apache geode/1.8.0