CVE-2017-15693

CVE-2017-15693

In Apache Geode before v1.4.0, the Geode server stores application objects in serialized form. Certain cluster operations and API invocations cause these objects to be deserialized. A user with DATA:WRITE access to the cluster may be able to cause remote code execution if certain classes are present on the classpath.

Source: CVE-2017-15693

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다