The vulnerability of the Java Management Extensions (JMX) component of the Cisco Hosted Collaboration Mediation Fulfillment software allows a attacker to trigger a service failure.

The vulnerability of the Java Management Extensions JMX component of the Cisco Hosted Collaboration Mediation Fulfillment software is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to cause service interruptions...

CVE-2021-1478

A vulnerability in the Java Management Extensions JMX component of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to cause a denial of service DoS condition on an...

Design/Logic Flaw

A vulnerability in the Java Management Extensions JMX component of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to cause a denial of service DoS condition on an...

CVE-2021-1478 Cisco Unified Communications Manager Denial of Service Vulnerability

A vulnerability in the Java Management Extensions JMX component of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to cause a denial of service DoS condition on an...

Vulnerabilities fixed in Cisco Unified Communications Manager

Vulnerabilities have been fixed in Cisco Unified Communications Manager. An authenticated malicious party could potentially exploit the vulnerability with CVE attribute CVE-2021-1478 potentially exploit it to cause a Denial-of-Service attack. To do so, the Java Management Extensions JMX network...

Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition Denial of Service Vulnerabilities

Cisco Unified Communications Manager is the powerful call processing component of the Cisco Unified Communications solution. It is a scalable, distributable, and highly available enterprise Voice over IP call processing solution.Cisco Unified Communications Manager Session Management Edition is t...

Cisco Unified Communications Manager 安全漏洞

Cisco Unified Communications Manager is the powerful call processing component of the Cisco Unified Communications solution. It is a scalable, distributable, and highly available enterprise Voice over IP call processing solution.Cisco Unified Communications Manager Session Management Edition is t...

The vulnerability of the Java Management Extensions (JMX) extension in the Apache Camel framework allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Java Management Extensions JMX in the Apache Camel framework is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

camel: DNS Rebinding in JMX Connector could result in remote command execution

Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0...

cxf: JMX integration is vulnerable to a MITM attack

Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle MITM style attack. An...

cxf: JMX integration is vulnerable to a MITM attack

Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle MITM style attack. An...

cxf: JMX integration is vulnerable to a MITM attack

Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle MITM style attack. An...

DEBIAN-CVE-2020-13920

Apache ActiveMQ uses LocateRegistry.createRegistry to create the JMX RMI registry and binds the server to the "jmxrmi" entry. It is possible to connect to the registry without authentication and call the rebind method to rebind jmxrmi to something else. If an attacker creates another server to...

Apache Cassandra RMI Rebinding Vulnerability

Apache Cassandra is an open source distributed NoSQL database system . Apache Cassandra suffers from an RMI rebinding vulnerability that originates from a man-in-the-middle attack by manipulating the RMI registry to perform a man-in-the-middle attack and capture usernames and passwords used to...

CVE-2020-8574

Active IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Remote Method Invocation JMX RMI service enabled allowing unauthorized code execution to local users...

CVE-2020-8574

CVE-2020-8574 affects NetApp Active IQ Unified Manager for Linux prior to 9.6, where the Java Management Extensions (JMX) RMI service is enabled, enabling unauthorized code execution by local users. The connected sources confirm the issue is tied to the pre-9.6 Linux builds and describe local acc...

CVE-2020-8574

Active IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Remote Method Invocation JMX RMI service enabled allowing unauthorized code execution to local users...

Apache Karaf Code Issue Vulnerability

Apache Karaf is the United States Apache Apache Foundation for the deployment of applications and components of a lightweight OSGi Java Dynamic Modular System container. A code issue vulnerability exists in Apache Karaf versions prior to 4.2.9. In Karaf, JAAS is used for JMX authentication and AC...

Apache Flink Injection Vulnerability

Apache Flink is an open source distributed streaming data processing engine from the US Apache Software Apache Software Foundation. The product is mainly written in Java and Scala languages. There is a security vulnerability in Apache Flink. A local attacker can exploit the vulnerability with the...

Apache Camel Input Validation Error Vulnerability

Apache Camel is the United States Apache Apache Software Foundation of a set of open source based on Enterprise Integration Pattern Enterprise Integration Pattern, referred to as EIP integration framework. The framework provides Enterprise Integration Pattern Java objects POJO implementation , an...