Skip to main content

Esb Runtime

2 CVEs product

Monthly

CVE-2022-45589 HIGH This Week

All versions before 8.0.1-R2022-10-RT and 7.3.1-R2022-09-RT of the Talend ESB Runtime are potentially vulnerable to SQL Injection attacks in the provisioning service only. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Esb Runtime
NVD VulDB
CVSS 3.1
7.2
EPSS
0.6%
CVE-2021-40684 CRITICAL PATCH Act Now

Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Esb Runtime
NVD
CVSS 3.1
9.1
EPSS
1.1%
EPSS 1% CVSS 7.2
HIGH This Week

All versions before 8.0.1-R2022-10-RT and 7.3.1-R2022-09-RT of the Talend ESB Runtime are potentially vulnerable to SQL Injection attacks in the provisioning service only. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Esb Runtime
NVD VulDB
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Esb Runtime
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy