← Retour aux CVEs
CVE-2017-7686
N/ADescription
Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server (http://ignite.run) where it needs to send some system properties like Apache Ignite or Java version. Some of the properties might contain user sensitive information.
Details CVE
Score CVSS v3.1N/A
Publie6/28/2017
Derniere modification4/20/2025
Sourcenvd
Observations honeypot0
Produits affectes
apache:ignite
Faiblesses (CWE)
CWE-200
References
http://apache-ignite-developers.2346864.n4.nabble.com/CVE-2017-7686-Apache-Ignite-Information-Disclosure-td19168.html(security@apache.org)
http://www.securityfocus.com/bid/99292(security@apache.org)
http://apache-ignite-developers.2346864.n4.nabble.com/CVE-2017-7686-Apache-Ignite-Information-Disclosure-td19168.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/99292(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.