CVE Catalog

CVE-2023-34442

LowCVSS 3.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.32%

24th percentile — higher than 24% of all known CVEs

Summary

A vulnerability in Apache Camel allows unauthorized exposure of sensitive information. It affects versions from 3.X to 3.14.8, 3.18.X to 3.18.7, 3.20.X to 3.20.5, and 4.X to 4.0.0-M3.

Risk Assessment

The exposure of sensitive data can lead to serious security breaches and loss of customer trust. Organizations may be vulnerable to attacks and financial losses.

Recommendation

It is recommended to upgrade to versions 3.14.9, 3.18.8, 3.20.6, or 3.21.0, and users on Camel 4.x should update to 4.0.0-M1.

Original NVD description (English source)

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3. Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1

Vulnerability data from NVD (NIST) · CISA KEV · EPSS