CVE-2025-47410: Apache Geode: CSRF attacks through GET requests to the Management and Monitoring REST API that can execute gfsh commands on the target system

October 18, 2025 (updated November 5, 2025)

Apache Geode is vulnerable to CSRF attacks through GET requests to the Management and Monitoring REST API that could allow an attacker who has tricked a user into giving up their Geode session credentials to submit malicious commands on the target system on behalf of the authenticated user.

This issue affects Apache Geode: versions 1.10 through 1.15.1

Users are recommended to upgrade to version 1.15.2, which fixes the issue.

References

github.com/advisories/GHSA-gjp8-99fv-cgcw
github.com/apache/geode
github.com/apache/geode/commit/570990909e6fd1e491f01471ad30ee3c2dbff72c
lists.apache.org/thread/k88tv3rhl4ymsvt4h6qsv7sq10q5prrt
nvd.nist.gov/vuln/detail/CVE-2025-47410

Code Behaviors & Features

Detect and mitigate CVE-2025-47410 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →