漏洞描述 Spring Boot Jolokia 是一个用于管理和监控 Spring Boot 应用程序的开源库。Jolokia(Java + OSGi + JMX + JSON)是一个为Java应用程序提供远程JMX(Java Management Extensions)访问的框架。Spring Boot Jolokia 存在远程代码漏洞
相关漏洞推荐 POC CVE-2021-21234: Spring Boot Actuator Logview Directory Traversal POC CVE-2021-21234: Spring Boot Actuator Logview Directory Traversal POC springboot-heapdump: Spring Boot Actuator - Heap Dump Detection POC springboot-actuators-jolokia-xxe: Spring Boot Actuators (Jolokia) XXE Spring Boot actuator heapdump存在未授权漏洞 Lukashinsch Spring Boot Actuator Logview 路径遍历漏洞