Jolokia Version Disclosure Vulnerability Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

5

Jolokia Version Disclosure Vulnerability Scanner Detail

Jolokia contains an unauthenticated version disclosure vulnerability.

Jolokia is an agent based approach for remote JMX access. It is an alternative to standard JSR 160 connectors. The communication between client and agent goes over HTTP (either GET or POST), where the request and response payload is represented in JSON. An attacker may identify a version disclosure in the target Jolokia web server's HTTP response.


An attacker might use the disclosed information to harvest specific security vulnerabilities for the version identified.

Some Advice for Common Problems

Restrict access to the /jolokia path on the web server where Jolokia is deployed.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service