Jolokia Version Disclosure Vulnerability Scanner
Jolokia contains an unauthenticated version disclosure vulnerability.
Short Info
Level
Medium
Type
Single Scan
Can be used by
Asset Owner
Estimated Time
5 sec
Scan only one
Url
Parent Category
Jolokia Version Disclosure Vulnerability Scanner Detail
Jolokia is an agent based approach for remote JMX access. It is an alternative to standard JSR 160 connectors. The communication between client and agent goes over HTTP (either GET or POST), where the request and response payload is represented in JSON. An attacker may identify a version disclosure in the target Jolokia web server's HTTP response.
An attacker might use the disclosed information to harvest specific security vulnerabilities for the version identified.
Try it yourself,
control security posture
control security posture