VulnCheck KEV: CVE-2021-40684

Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running...

Design/Logic Flaw

Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running...

CVE-2021-40684

CVE-2021-40684 affects Talend ESB Runtime across versions 5.1–7.3.1-R2021-09, 7.2.1-R2021-09, and 7.1.1-R2021-09, due to an unauthenticated Jolokia HTTP endpoint that exposes the container’s JMX. This endpoint enables remote read/write access to the runtime/container and could allow an attacker t...

Talend ESB 授权问题漏洞

Talend ESB is a reliable and scalable Enterprise Service Bus ESB from Talend, Inc. that enables development teams to manage integration projects in a holistic manner, combining application and data management integration in complex heterogeneous computing environments. A security vulnerability...