Apache ActiveMQ Broker Jolokia MBeans Remote Code Execution Vulnerability

Apache ActiveMQ Broker is an open source message broker and integration pattern server . A security vulnerability exists in Apache ActiveMQ Broker. The vulnerability stems from the Jolokia JMX-HTTP bridge default policy that allows exec operations on MBeans, which can be exploited by an attacker ...

CVE-2020-11971

Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0. Mitigation The JMX instrumentation agent is the vulnerable component in this, if not being used it can be disabled in the following ways As a...