CNNVD-202510-1999 Information
CNNVD ID
CNNVD-202510-1999
Related CVE
- CNNVD Published: 2025-10-14
Description (Chinese)
Apache Geode是美国阿帕奇(Apache)基金会的一套应用于分布式云架构中提供对数据密集型应用程序实时和一致访问数据的管理平台。 Apache Geode 1.15.2之前版本存在安全漏洞,该漏洞源于Web脚本注入,可能导致会话信息窃取和账户接管。
Description (English)
Apache Geode is a management platform for providing real-time and consistent access to data for data-intensive applications in distributed cloud structures for the Apache Foundation in the United States. There was a security loophole in the pre-Apache Geode 1.15.2 version, which originated from the injection of Web scripts, which could lead to the theft of session information and the taking over of accounts.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
阿帕奇
Published
2025-10-14
Last Modified
2026-02-24
References
https://lists.apache.org/thread/161r34nokmcc0w74mnf04lskgb8g1d3g https://access.redhat.com/security/cve/cve-2024-44088
Patch
https://lists.apache.org/thread/161r34nokmcc0w74mnf04lskgb8g1d3g
Share on: