A flaw was found in Jolokia versions from 1.2 to before 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds true for properly configured instances with strict checking for origin and referrer headers. This could result in a Remote Code Execution attack.
References
Configurations
History
07 Nov 2023, 02:51
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
04 Aug 2021, 17:14
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:* |
Information
Published : 2019-08-01 14:15
Updated : 2023-12-10 12:59
NVD link : CVE-2018-10899
Mitre link : CVE-2018-10899
CVE.ORG link : CVE-2018-10899
JSON object : View
Products Affected
redhat
- openstack
jolokia
- jolokia