Описание
Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running in the container.
Ссылки
- Release NotesVendor Advisory
- PatchVendor Advisory
- Release NotesVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.1 (включая) до 7.1.1-r2021-09 (исключая)
cpe:2.3:a:talend:esb_runtime:*:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00616
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 9.1
github
больше 3 лет назад
Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running in the container.
EPSS
Процентиль: 69%
0.00616
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo