CVE-2023-34442

Summary

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3.

Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Camel JIRA3.x <= <=3.14.8affected
Apache Software FoundationApache Camel JIRA3.18.x <= <=3.18.7affected
Apache Software FoundationApache Camel JIRA3.20.x <= <= 3.20.5affected
Apache Software FoundationApache Camel JIRA4.x <= <= 4.0.0-M3affected

Weaknesses

  • CWE-200: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References