CVE-2023-34442
LowCVSS 3.3Exploitation Probability (EPSS)
Low risk24th percentile — higher than 24% of all known CVEs
Summary
A vulnerability in Apache Camel allows unauthorized exposure of sensitive information. It affects versions from 3.X to 3.14.8, 3.18.X to 3.18.7, 3.20.X to 3.20.5, and 4.X to 4.0.0-M3.
Risk Assessment
The exposure of sensitive data can lead to serious security breaches and loss of customer trust. Organizations may be vulnerable to attacks and financial losses.
Recommendation
It is recommended to upgrade to versions 3.14.9, 3.18.8, 3.20.6, or 3.21.0, and users on Camel 4.x should update to 4.0.0-M1.
Original NVD description (English source)
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3. Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1

