Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Critical Security fix for the Talend JobServer and Talend Runtime
Vulnerability Description
A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The attack vector is the JMX monitoring port of the Talend JobServer. The vulnerability can be mitigated for the Talend JobServer by requiring TLS client authentication for the monitoring port; however, the patch must be applied for full mitigation. For Talend ESB Runtime, the vulnerability can be mitigated by disabling the JobServer JMX monitoring port, which is disabled by default from the R2024-07-RT patch.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Qlik Talend JobServer和Qlik Talend Runtime 安全漏洞
Vulnerability Description
Qlik Talend JobServer和Qlik Talend Runtime都是美国Qlik公司的产品。Qlik Talend JobServer是一个数据集成任务执行与调度服务组件。Qlik Talend Runtime是一个数据集成与应用运行环境平台。 Qlik Talend JobServer和Qlik Talend Runtime存在安全漏洞,该漏洞源于JMX监控端口,可能导致未经身份验证的远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A