Apache Camel CVE-2018-8041 Directory Traversal Vulnerability



Apache Camel is prone to a directory-traversal vulnerability.

A remote attacker could exploit the vulnerability using directory-traversal characters ('../') to access arbitrary files that contain sensitive information.
Apache Camel 2.20.0 through 2.20.3, Camel 2.21.0 through 2.21.1 and Camel 2.22.0 are vulnerable.

Information

Bugtraq ID: 105352
Class: Input Validation Error
CVE: CVE-2018-8041

Remote: Yes
Local: No
Published: Sep 17 2018 12:00AM
Updated: Sep 17 2018 12:00AM
Credit: The vendor reported this issue.
Vulnerable: Apache Camel 2.22
Apache Camel 2.21.1
Apache Camel 2.21
Apache Camel 2.20.3
Apache Camel 2.20.1
Apache Camel 2.20


Not Vulnerable: Apache Camel 2.22.1
Apache Camel 2.21.2
Apache Camel 2.20.4


Exploit


An attacker can exploit this issue using a web browser.


Related Posts