Summary

Netsparker identified that the target web site is using Jolokia and detected that it is out of date. Jolokia is an agent-based approach to remote JMX access and an alternative to the standard JSR 160 connectors. Communication between client and agent goes over HTTP (either GET or POST), with the request and response payloads represented in JSON.

Impact

Since this is an old version of the software, it may be vulnerable to attacks.

Remediation

Please upgrade your installation of Jolokia to the latest stable version.
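
To track which agents still need the upgrade, the release can be read from each agent's JSON reply to a version request. The following is an added example, not Netsparker's or the Jolokia project's code; it assumes the reply carries the agent release in `value.agent`, and the host names, sample replies and the `REQUIRED_MIN` value are constructed for illustration.

```python
import json
import re

# Constructed placeholder: set this to the release your organisation requires.
REQUIRED_MIN = "2.0.0"

def parse_version(text):
    """Turn '1.3.7' or '1.7.2-SNAPSHOT' into a comparable tuple of ints.
    Any suffix after the numeric part is ignored."""
    m = re.match(r"(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    # Pad so that '2.0' and '2.0.0' compare equal.
    return tuple(parts + [0] * (3 - len(parts)))

def assess(body, required_min=REQUIRED_MIN):
    """Classify one Jolokia 'version' response body (a JSON string).

    Returns (state, agent_version) where state is 'current', 'outdated',
    or 'unknown' (the reply was not a usable version response).
    """
    try:
        doc = json.loads(body)
    except ValueError:
        return ("unknown", None)
    if not isinstance(doc, dict) or doc.get("status") != 200:
        return ("unknown", None)
    value = doc.get("value")
    agent = value.get("agent") if isinstance(value, dict) else None
    if not isinstance(agent, str):
        return ("unknown", None)
    try:
        outdated = parse_version(agent) < parse_version(required_min)
    except ValueError:
        return ("unknown", agent)
    return ("outdated" if outdated else "current", agent)

# Constructed sample replies, shaped like an agent's answer to a version request.
SAMPLES = {
    "app-a": '{"request":{"type":"version"},"value":{"agent":"1.3.7","protocol":"7.2"},"status":200}',
    "app-b": '{"request":{"type":"version"},"value":{"agent":"2.0.1","protocol":"8.0"},"status":200}',
    "app-c": '{"error":"Forbidden","status":403}',
}

if __name__ == "__main__":
    for host, body in SAMPLES.items():
        print(host, *assess(body))
```

An `unknown` result means the reply could not be read as a version response, so that host still needs a manual check rather than being counted as current.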

Classifications

PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9