CVE-2017-5649 Apache Geode privilege escalation vulnerability
Severity
Medium
Vendor
Apache Geode
Affected VMware Products and Versions
- Pivotal GemFire 9.0.x versions prior to 9.0.3
Mitigation
Users of affected versions should apply the following mitigation:
- Upgrade to Pivotal GemFire 9.0.3 [2][3]
Credit
This issue was responsibly reported by the Pivotal Cloud Cache team.
References
- [1] http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5649
- [2] http://gemfire.docs.pivotal.io/gemfire/relnotes/release_notes90.html#ResolvedIssuesGF903
- [3] https://network.tanzu.vmware.com/products/pivotal-gemfire/
History
2017-04-05: Initial vulnerability report published