CVE-2020-11971

Description

Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel users should upgrade to 3.2.0.

How to fix CVE-2020-11971

To remediate CVE-2020-11971, upgrade the affected package to a fixed version below.

• Maven/org.apache.camel:camel—upgrade to 3.2.0 or later
• Maven/org.apache.camel:camel-core—upgrade to 3.2.0 or later
• —upgrade to 3.2.0 or later

Is CVE-2020-11971 being exploited?

Moderate — EPSS is 9.7%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (3)

• from 0, < 3.2.0
• from 0, < 3.2.0
• from 0, < 3.2.0

CVSS scores

References (19)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2020-11971
• PATCHgithub.com/apache/camel
• WEBcamel.apache.org/security/CVE-2020-11971.html
• WEBgithub.com/apache/camel/commit/b954402272ddcfbb45dc1495520f920e70cc041c
• WEB