Summary

Acunetix 360 identified that the target web site is using Jolokia and detected that it is out of date. Jolokia is an agent based approach for remote JMX access. It is an alternative to standard JSR 160 connectors. The communication between client and agent goes over HTTP (either GET or POST), where the request and response payload is represented in JSON.

Impact

Since this is an old version of the software, it may be vulnerable to attacks.

Remediation

Please upgrade your installation of Jolokia to the latest stable version.

Severity

Information

Classification

PCI v3.2-6.2 CAPEC-310 CWE-829 HIPAA-164.308(a)(1)(i) ISO27001-A.14.1.2 OWASP 2013-A9 OWASP 2017-A9