Vulmon
jolokia vulnerabilities and exploits
NA
CVE-2022-41678
Once a user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In detail, in ActiveMQ configurations, Jetty allows org.jolokia.http.AgentServlet to handle requests to /api/jolokia. org.jolokia.http.HttpRequestHandler#handlePostRequest is able to cr...
Apache Activemq
NA
CVE-2023-31444
In Talend Studio prior to 7.3.1-R2022-10 and 8.x prior to 8.0.1-R2022-09, microservices allow unauthenticated access to the Jolokia endpoint of the microservice. This allows for remote access to the JVM via the Jolokia JMX-HTTP bridge.
Talend Studio
6.4
CVSSv2
CVE-2021-40684
Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or...
Talend Esb Runtime
6.4
CVSSv2
CVE-2019-12124
An issue exists in ONAP APPC before Dublin. By using an exposed unprotected Jolokia interface, an unauthenticated attacker can read or overwrite an arbitrary file. All APPC setups are affected.
Onap Open Network Automation Platform
6.8
CVSSv2
CVE-2018-10899
A flaw was found in Jolokia versions from 1.2 to prior to 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds true for properly configured instances with strict checking for origin and referrer headers. This could result in a Remote Code Execution attack.
Jolokia Jolokia
Redhat Openstack 13
6.8
CVSSv2
CVE-2015-5182
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
Redhat Amq -
6.8
CVSSv2
CVE-2014-0168
Cross-site request forgery (CSRF) vulnerability in Jolokia prior to 1.2.1 allows remote malicious users to hijack the authentication of users for requests that execute MBeans methods via a crafted web page.
Jolokia Jolokia 1.0.2
Jolokia Jolokia 1.0.1
Jolokia Jolokia 1.0.0
Jolokia Jolokia 1.1.5
Jolokia Jolokia 1.1.0
Jolokia Jolokia 1.0.5
Jolokia Jolokia 1.0.3
Jolokia Jolokia 1.1.4
Jolokia Jolokia 1.1.3
Jolokia Jolokia 1.1.2
Jolokia Jolokia 1.1.1
Jolokia Jolokia
Jolokia Jolokia 1.0.6
Jolokia Jolokia 1.0.4