CVE-2017-7686

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-7686
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7686.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-7686
Aliases
Published
2017-06-28T13:29:00Z
Modified
2024-11-22T05:12:46.351453Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server (http://ignite.run) where it needs to send some system properties like Apache Ignite or Java version. Some of the properties might contain user sensitive information.

References

Affected packages

Git / github.com/apache/ignite

Affected ranges

Type
GIT
Repo
https://github.com/apache/ignite
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0b22c45bb9b97692208fd0705ddf8045ff34a031
Last affected
2ade6d00dbe629476f30e5713dd8259b86300e35
Last affected
383273e3f66f702de2482466dce954d570a8ccf2
Last affected
5fc2cd053467e65872f796e11e3edd2e6017d80d
Last affected
6da491f4c80c36fe280327a57760c2da69c227d8
Last affected
8d6b03217fadafaa4719e647b2aa2372b680ef05
Last affected
9ca40dbeb7d559fcb299bdb6f5c90cdf8ce7e533
Last affected
9fb960ffdc959e7323cdeb5e1c024171865d8fc6
Last affected
a8169d0ac448b8f19b8cdc51ee6f339ee6864c29
Last affected
c2def5f647e410e9f25383d3e74f393e4d1348a5
Last affected
d4eef3c68ff116ee34bc13648cd82c640b3ea072
Last affected
f51c051d1e588855c37774efb22cd3536f512aa3
Last affected
f54fc36cc29533ea0ea49eacc345b7f769491bf8

Affected versions

ignite-1.*

ignite-1.0.0

release-1.*

release-1.0.0-RC3