jolokia vulnerabilities and exploits
605
VMScore
CVE-2014-0168
Cross-site request forgery (CSRF) vulnerability in Jolokia prior to 1.2.1 allows remote malicious users to hijack the authentication of users for requests that execute MBeans methods via a crafted web page.
Jolokia Jolokia 1.0.2
Jolokia Jolokia 1.0.1
Jolokia Jolokia 1.0.0
Jolokia Jolokia 1.1.5
Jolokia Jolokia 1.1.0
Jolokia Jolokia 1.0.5
Jolokia Jolokia 1.0.3
Jolokia Jolokia 1.1.4
Jolokia Jolokia 1.1.3
Jolokia Jolokia 1.1.2
Jolokia Jolokia 1.1.1
Jolokia Jolokia
Jolokia Jolokia 1.0.6
Jolokia Jolokia 1.0.4
605
VMScore
CVE-2018-10899
A flaw was found in Jolokia versions from 1.2 to prior to 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds true for properly configured instances with strict checking for origin and referrer headers. This could result in a Remote Code Execution attack.
Jolokia Jolokia
Redhat Openstack 13
NA
CVE-2024-32114
In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context (where the Jolokia JMX REST API and the Message REST API are located). It means that anyone can use these layers without any required authentication. Potentially, anyone can interact with th...
NA
CVE-2022-41678
Once a user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In detail, in ActiveMQ configurations, Jetty allows org.jolokia.http.AgentServlet to handle requests to /api/jolokia. org.jolokia.http.HttpRequestHandler#handlePostRequest is able to cr...
Apache Activemq
NA
CVE-2023-31444
In Talend Studio prior to 7.3.1-R2022-10 and 8.x prior to 8.0.1-R2022-09, microservices allow unauthenticated access to the Jolokia endpoint of the microservice. This allows for remote access to the JVM via the Jolokia JMX-HTTP bridge.
Talend Studio
605
VMScore
CVE-2015-5182
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
Redhat Amq -
570
VMScore
CVE-2019-12124
An issue exists in ONAP APPC before Dublin. By using an exposed unprotected Jolokia interface, an unauthenticated attacker can read or overwrite an arbitrary file. All APPC setups are affected.
Onap Open Network Automation Platform
570
VMScore
CVE-2021-40684
Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or...
Talend Esb Runtime