A flaw was found in Jolokia versions from 1.2 to before 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds true for properly configured instances with strict checking for origin and referrer headers. This could result in a Remote Code Execution attack.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2019-08-01T13:27:13

Updated: 2024-08-05T07:54:35.783Z

Reserved: 2018-05-09T00:00:00

Link: CVE-2018-10899

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-08-01T14:15:11.050

Modified: 2024-11-21T03:42:15.283

Link: CVE-2018-10899

cve-icon Redhat

Severity : Important

Publid Date: 2019-06-11T10:41:00Z

Links: CVE-2018-10899 - Bugzilla