VYPR
Unrated severityNVD Advisory· Published Sep 22, 2021· Updated Aug 4, 2024

CVE-2021-40684

CVE-2021-40684

Description

Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running in the container.

Affected products

2
  • Talend/Talend ESB Runtimedescription
  • Qlik/ESB Runtimellm-fuzzy
    Range: >=5.1 <=7.3.1-R2021-09

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.