CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-1000130

A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 in the proxy mode that allows a remote attacker to run arbitrary Java code on the server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.914

EPSS Ranking 99.6%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 6.8

References

https://access.redhat.com/errata/RHSA-2018:2669
https://jolokia.org/#Security_fixes_with_1.5.0
https://access.redhat.com/errata/RHSA-2018:2669
https://jolokia.org/#Security_fixes_with_1.5.0

Products affected by CVE-2018-1000130

Jolokia » Webarchive Agent » Version: 1.3.7

cpe:2.3:a:jolokia:webarchive_agent:1.3.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1000130

Products

Pricing

Contact Us