Vulnerabilities > CVE-2023-34442 - Unspecified vulnerability in Apache Camel

CVSS 3.3 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

local

low complexity

apache

NVD

Published: 2023-07-10

Updated: 2023-07-17

Summary

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3. Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1

Vulnerable Configurations

Part	Description	Count
Application	Apache Apache Camel 4.0.0 Apache Camel 3.20.0 Apache Camel 3.20.1 Apache Camel 3.20.2 Apache Camel 3.20.3 Apache Camel 3.20.4 Apache Camel 3.20.5 Apache Camel 3.18.0 Apache Camel 3.18.1 Apache Camel 3.18.2 Apache Camel 3.18.3 Apache Camel 3.18.4 Apache Camel 3.18.7 Apache Camel 3.0.0 Apache Camel 3.0.1 Apache Camel 3.1.0 Apache Camel 3.2.0 Apache Camel 3.3.0 Apache Camel 3.4.0 Apache Camel 3.4.1 Apache Camel 3.4.2 Apache Camel 3.4.3 Apache Camel 3.4.4 Apache Camel 3.4.5 Apache Camel 3.4.6 Apache Camel 3.5.0 Apache Camel 3.6.0 Apache Camel 3.7.0 Apache Camel 3.7.1 Apache Camel 3.7.2 Apache Camel 3.7.3 Apache Camel 3.7.4 Apache Camel 3.7.5 Apache Camel 3.7.6 Apache Camel 3.7.7 Apache Camel 3.8.0 Apache Camel 3.9.0 Apache Camel 3.10.0 Apache Camel 3.11.0 Apache Camel 3.11.1 Apache Camel 3.11.2 Apache Camel 3.11.3 Apache Camel 3.11.4 Apache Camel 3.11.5 Apache Camel 3.11.6 Apache Camel 3.11.7 Apache Camel 3.12.0 Apache Camel 3.13.0 Apache Camel 3.14.0 Apache Camel 3.14.1 Apache Camel 3.14.2 Apache Camel 3.14.3 Apache Camel 3.14.4 Apache Camel 3.14.5 Apache Camel 3.14.6 Apache Camel 3.14.7 Apache Camel 3.14.8	66

References

https://lists.apache.org/thread/x4vy2hhbltb1xrvy1g6m8hpjgj2k7wgh