Red Hat Bugzilla – Bug 1415543
CVE-2017-2594 hawtio: information Disclosure flaws due to unsafe path traversal
Last modified: 2018-05-08 10:34:24 EDT
It was found that a path traversal vulnerability in hawtio leads to a NullPointerException with a full stacktrace. An attacker can use this flaw to gather undisclosed information from withinhawtio's root.
Name: Hooman Broujerdi (Red Hat)
This issue has been addressed in the following products:
Red Hat JBoss Fuse
Via RHSA-2017:1832 https://access.redhat.com/errata/RHSA-2017:1832