CVE-2014-0121

The admin terminal in Hawt.io does not require authentication, which allows remote attackers to execute arbitrary commands via the k parameter.

Date published : 2017-12-29

https://bugzilla.redhat.com/show_bug.cgi?id=1072716

https://github.com/hawtio/hawtio/commit/5289715e4f2657562fdddcbad830a30969b96e1e