Apache MINA is a web application framework from the Apache Foundation (USA). The product is mainly used to develop high-performance and highly scalable web applications. Apache MINA 2.9.1 and earlier versions have a deserialization vulnerability, which stems from the use of Java deserialization to load serialized java.security.PrivateKey, which can be exploited by an attacker to load the host key of an SSH server.
CPE | Name | Operator | Version |
---|---|---|---|
apache apache mina | le | 2.9.1 |