VYPR
Medium severity4.3NVD Advisory· Published Sep 30, 2017· Updated Jun 17, 2026

CVE-2017-9794

CVE-2017-9794

Description

When a cluster is operating in secure mode, a user with read privileges for specific data regions can use the gfsh command line utility to execute queries. In Apache Geode before 1.2.1, the query results may contain data from another user's concurrently executing gfsh query, potentially revealing data that the user is not authorized to view.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.geode:geode-coreMaven
>= 1.0.0, < 1.2.11.2.1

Affected products

3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.