Unrated severityNVD Advisory· Published Sep 22, 2021· Updated Aug 4, 2024
CVE-2021-40684
CVE-2021-40684
Description
Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running in the container.
Affected products
2- Talend/Talend ESB Runtimedescription
- Range: >=5.1 <=7.3.1-R2021-09
Patches
Vulnerability mechanics
References
2- help.talend.com/r/en-US/7.3/release-notes-esb-productsmitrex_refsource_MISC
- jira.talendforge.org/browse/SF-141mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.