StreamPark is an enterprise content management system used by some organizations for document and file storage. The vulnerability in StreamPark allows attackers to exploit weak encryption algorithms, potentially exposing sensitive authentication data such as JWT tokens.
You're affected if you use Weak Encryption Algorithm. Affected versions: 2.1.7
Upgrade to StreamPark 2.1.7 or later from the official Apache Software Foundation website: https://streampark.apache.org/download/
- Immediate mitigations:
- Disable JWT token usage temporarily until a patch is available.
- Monitor for suspicious authentication activity and adjust access controls accordingly.