CVE-2018-1000130

A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 in the proxy mode that allows a remote attacker to run arbitrary Java code on the server.
References
Link Resource
https://jolokia.org/#Security_fixes_with_1.5.0 Release Notes Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:2669 Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:jolokia:webarchive_agent:1.3.7:*:*:*:*:*:*:*

Information

Published : 2018-03-14 06:29

Updated : 2019-03-08 07:16


NVD link : CVE-2018-1000130

Mitre link : CVE-2018-1000130


JSON object : View

CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Advertisement

dedicated server usa

Products Affected

jolokia

  • webarchive_agent