GSD-2017-9794

Vulnerability from gsd - Updated: 2023-12-13 01:21
Details
When a cluster is operating in secure mode, a user with read privileges for specific data regions can use the gfsh command line utility to execute queries. In Apache Geode before 1.2.1, the query results may contain data from another user's concurrently executing gfsh query, potentially revealing data that the user is not authorized to view.
Aliases
Aliases
CVE-2017-9794
To clipboard 

{
  "GSD": {
    "alias": "CVE-2017-9794",
    "description": "When a cluster is operating in secure mode, a user with read privileges for specific data regions can use the gfsh command line utility to execute queries. In Apache Geode before 1.2.1, the query results may contain data from another user\u0027s concurrently executing gfsh query, potentially revealing data that the user is not authorized to view.",
    "id": "GSD-2017-9794"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-9794"
      ],
      "details": "When a cluster is operating in secure mode, a user with read privileges for specific data regions can use the gfsh command line utility to execute queries. In Apache Geode before 1.2.1, the query results may contain data from another user\u0027s concurrently executing gfsh query, potentially revealing data that the user is not authorized to view.",
      "id": "GSD-2017-9794",
      "modified": "2023-12-13T01:21:07.447505Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@apache.org",
        "DATE_PUBLIC": "2017-09-29T00:00:00",
        "ID": "CVE-2017-9794",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Apache Geode",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "1.0.0"
                        },
                        {
                          "version_value": "1.1.0"
                        },
                        {
                          "version_value": "1.1.1"
                        },
                        {
                          "version_value": "1.2.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apache Software Foundation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "When a cluster is operating in secure mode, a user with read privileges for specific data regions can use the gfsh command line utility to execute queries. In Apache Geode before 1.2.1, the query results may contain data from another user\u0027s concurrently executing gfsh query, potentially revealing data that the user is not authorized to view."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Concurrent Execution using Shared Resource with Improper Synchronization error"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "[geode-user] 20170929 [SECURITY] CVE-2017-9794 Apache Geode gfsh query vulnerability",
            "refsource": "MLIST",
            "url": "http://mail-archives.apache.org/mod_mbox/geode-user/201709.mbox/%3cCAEwge-FqzrT+deCkNkM-EQZuKfg-XuqY4cGjFiqxoKBVduY1Zw@mail.gmail.com%3e"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "(,1.2.0]",
          "affected_versions": "All versions up to 1.2.0",
          "cvss_v2": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-200",
            "CWE-937"
          ],
          "date": "2017-10-06",
          "description": "When a cluster is operating in secure mode, a user with read privileges for specific data regions can use the `gfsh` command line utility to execute queries; the query results may contain data from another user\u0027s concurrently executing `gfsh` query, potentially revealing data that the user is not authorized to view.",
          "fixed_versions": [
            "1.2.1"
          ],
          "identifier": "CVE-2017-9794",
          "identifiers": [
            "CVE-2017-9794"
          ],
          "not_impacted": "All versions after 1.2.0",
          "package_slug": "maven/org.apache.geode/geode-core",
          "pubdate": "2017-09-30",
          "solution": "Upgrade to version 1.2.1 or above.",
          "title": "Information Exposure",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2017-9794"
          ],
          "uuid": "e45efe77-b602-432d-a046-11164d0268a7"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:geode:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.2.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2017-9794"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "When a cluster is operating in secure mode, a user with read privileges for specific data regions can use the gfsh command line utility to execute queries. In Apache Geode before 1.2.1, the query results may contain data from another user\u0027s concurrently executing gfsh query, potentially revealing data that the user is not authorized to view."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[geode-user] 20170929 [SECURITY] CVE-2017-9794 Apache Geode gfsh query vulnerability",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "http://mail-archives.apache.org/mod_mbox/geode-user/201709.mbox/%3cCAEwge-FqzrT+deCkNkM-EQZuKfg-XuqY4cGjFiqxoKBVduY1Zw@mail.gmail.com%3e"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2017-10-06T19:37Z",
      "publishedDate": "2017-09-30T01:29Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.