NuytsTech Security

CVE-2017-2594

by ·

hawtio before versions 2.0-beta-1, 2.0-beta-2 2.0-m1, 2.0-m2, 2.0-m3, and 1.5 is vulnerable to a path traversal that leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio’s root.

Date published : 2018-05-08

http://www.securityfocus.com/bid/95793

https://access.redhat.com/errata/RHSA-2017:1832

Tags: