2 matches found
Important: Red Hat Security Advisory: Red Hat Fuse 7.8.0 release and security update
A minor version update from 7.7 to 7.8 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...
CVE-2020-11980
CVE-2020-11980 affects Apache Karaf JMX where JAAS-based authentication and ACL-based authorization allow a non-admin with a viewer role to call get* via etc/jmx.acl.cfg, potentially triggering getMBeansFromURL to fetch MBeans remotely and register them, enabling SSRF-like behavior and MBean regi...