A flaw was found in Jolokia versions from 1.2 to before 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds true for properly configured instances with strict checking for origin and referrer headers. This could result in a Remote Code Execution attack.
References
Configurations
History
07 Nov 2023, 02:51
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2019-08-01 14:15
Updated : 2024-02-28 17:08
NVD link : CVE-2018-10899
Mitre link : CVE-2018-10899
CVE.ORG link : CVE-2018-10899
JSON object : View
Products Affected
redhat
- openstack
jolokia
- jolokia