Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running in the container.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Talend ESB 授权问题漏洞
Vulnerability Description
Talend ESB是美国Talend公司的一种可靠且可扩展的企业服务总线 (ESB),可让开发团队以整体方式管理集成项目,在复杂的异构计算环境中结合应用程序和数据管理的集成。 Talend ESB Runtime 存在安全漏洞,该漏洞源于程序存在未经身份验证的Jolokia HTTP端点,它允许远程访问运行时容器的JMX,这将使攻击者能够读取或修改容器或容器中运行的软件。以下产品及版本受到影响:Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2
CVSS Information
N/A
Vulnerability Type
N/A