Misconfiguration of Java web server component Jolokia puts orgs at risk

CERT-LatestNews ThreatsCybercrime VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesDBMS

Misconfiguration of a commonly used Java web server component puts websites at risk of attack, web dev and security researcher Mat Mannion has warned. Shortcomings in Jolokia’s Java Management Extensions (JMX) open the door to information disclosure, denial of service, and other potential attacks against Java web servers.