The HTTP and WebSocket engine components in the server in Kaazing Gateway prior to 4.5.3 hotfix-1, Gateway - JMS Edition prior to 4.0.5 hotfix-15, 4.0.6 before hotfix-4, 4.0.7, 4.0.9 before hotfix-19, 4.4.x prior to 4.4.2 hotfix-1, 4.5.x prior to 4.5.3 hotfix-1, and Gateway Community and Enterprise Editions prior to 5.6.0 allow remote malicious users to bypass intended access restrictions and obtain sensitive information via vectors related to HTTP request handling.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kaazing kaazing gateway 4.5.3 |
||
kaazing kaazing gateway |
||
kaazing kaazing gateway 4.0.5 |
||
kaazing kaazing gateway 4.0.6 |
||
kaazing kaazing gateway 4.0.7 |
||
kaazing kaazing gateway 4.4.2 |
||
tenefit kaazing websocket gateway |