VYPR

Tanzu GemFire for VMs

by VMware

CVEs (2)

  • CVE-2020-5396Jul 31, 2020
    risk 0.00cvss epss 0.02

    VMware GemFire versions prior to 9.10.0, 9.9.2, 9.8.7, and 9.7.6, and VMware Tanzu GemFire for VMs versions prior to 1.11.1 and 1.10.2, when deployed without a SecurityManager, contain a JMX service available which contains an insecure default configuration. This allows a…

  • CVE-2019-11286Jul 31, 2020
    risk 0.00cvss epss 0.02

    VMware GemFire versions prior to 9.10.0, 9.9.1, 9.8.5, and 9.7.5, and VMware Tanzu GemFire for VMs versions prior to 1.11.0, 1.10.1, 1.9.2, and 1.8.2, contain a JMX service available to the network which does not properly restrict input. A remote authenticated malicious user may…