Advisories for Maven/Com.splunk/Splunk-Otel-Javaagent package

2026

splunk-otel-javaagent: Unsafe deserialization in RMI instrumentation may lead to Remote Code Execution

In versions prior to 2.26.1, the RMI instrumentation registered a custom endpoint that deserialized incoming data without applying serialization filters. An attacker with network access to a JMX or RMI port on an instrumented JVM could exploit this to potentially achieve remote code execution. All three of the following conditions must be true to exploit this vulnerability:

- Splunk Distribution of OpenTelemetry Java is attached as a Java agent (-javaagent)
- An …