CVE-2020-11971
high-risk
Published 2020-05-14
Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0.
Do I need to act?
~
9.7% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Products (7)
Communications Diameter Intelligence Hub
References (30)
Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.html
Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.html
and 10 more references
51
/ 100
high-risk
Severity
26/34 · High
Exploitability
11/34 · Low
Exposure
14/34 · Moderate