Vulnerabilities > CVE-2023-31444 - Unspecified vulnerability in Talend Studio 8.0.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

talend

NVD

Published: 2023-04-28

Updated: 2023-05-08

Summary

In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow unauthenticated access to the Jolokia endpoint of the microservice. This allows for remote access to the JVM via the Jolokia JMX-HTTP bridge.

Vulnerable Configurations

Part	Description	Count
Application	Talend Talend Studio 8.0.0 Talend Studio -	2

References

https://talend.com
https://www.talend.com/security/incident-response/#CVE-2023-31444