CVE-2017-9797: Information Exposure

October 3, 2017 (updated October 3, 2019)

When an Apache Geode cluster is operating in secure mode, an unauthenticated client can enter multi-user authentication mode and send metadata messages. These metadata operations could leak information about application data types. In addition, an attacker could perform a denial of service attack on the cluster.

References

nvd.nist.gov/vuln/detail/CVE-2017-9797

Code Behaviors & Features

Detect and mitigate CVE-2017-9797 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →