apache/activemq: The latest CVE Vulnerabilities and Exploits for Penetration Test

 

apache/activemq Vulnerability Summary

  • Vendor name: apache
  • Product name: activemq
  • Total vulnerabilities: 40 (as of 2023-05-04)

apache/activemq Vulnerability List

CVE-2022-23913: In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt…

Published: 2022-02-04T23:15:00 Last Modified: 2022-02-10T13:28:00

Summary

In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.

Common Weakness Enumeration (CWE): CWE-400: Uncontrolled Resource Consumption

CWE Description: The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 10.0
  • CVSS: 5.0
  • CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: NONE
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2022-23913 vulnerability.

References

See also: All popular products CVE Vulnerabilities of apache

CVE-2020-13947: An instance of a cross-site scripting vulnerability was identified to be present in the web based…

Published: 2021-02-08T22:15:00 Last Modified: 2021-12-03T21:15:00

Summary

An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0.

Common Weakness Enumeration (CWE): CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

CWE Description: The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.6
  • CVSS: 4.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2020-13947 vulnerability.

CVE-2021-26117: The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP…

Published: 2021-01-27T19:15:00 Last Modified: 2021-12-07T20:47:00

Summary

The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid user's password in error, resulting in no check on the password.

Common Weakness Enumeration (CWE): CWE-287: Improper Authentication

CWE Description: When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 10.0
  • CVSS: 5.0
  • CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2021-26117 vulnerability.

CVE-2021-26118: While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the…

Published: 2021-01-27T19:15:00 Last Modified: 2021-09-21T18:18:00

Summary

While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error.

Common Weakness Enumeration (CWE): CWE-287: Improper Authentication

CWE Description: When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 10.0
  • CVSS: 5.0
  • CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2021-26118 vulnerability.

CVE-2020-26217: XStream before version 1.4.14 is vulnerable to Remote Code Execution. The vulnerability may allow…

Published: 2020-11-16T21:15:00 Last Modified: 2022-02-07T16:15:00

Summary

XStream before version 1.4.14 is vulnerable to Remote Code Execution. The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream’s Security Framework allowlist is not affected. The linked advisory provides code workarounds for users who cannot upgrade. The issue is fixed in version 1.4.14.

Common Weakness Enumeration (CWE): CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)

CWE Description: The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Scores

  • Impact Score: 10.0
  • Exploitability Score: 8.6
  • CVSS: 9.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact

  • Availability: COMPLETE
  • Confidentiality: COMPLETE
  • Integrity: COMPLETE

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2020-26217 vulnerability.

CVE-2020-11998: A regression has been introduced in the commit preventing JMX re-bind. By passing an empty…

Published: 2020-09-10T19:15:00 Last Modified: 2021-12-10T18:11:00

Summary

A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack: https://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html “A remote client could create a javax.management.loading.MLet MBean and use it to create new MBeans from arbitrary URLs, at least if there is no security manager. In other words, a rogue remote client could make your Java application execute arbitrary code.” Mitigation: Upgrade to Apache ActiveMQ 5.15.13

Scores

  • Impact Score: 6.4
  • Exploitability Score: 10.0
  • CVSS: 7.5
  • CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2020-11998 vulnerability.

CVE-2020-13920: Apache ActiveMQ uses LocateRegistry.createRegistry() to create the JMX RMI registry and binds the…

Published: 2020-09-10T19:15:00 Last Modified: 2021-07-21T11:39:00

Summary

Apache ActiveMQ uses LocateRegistry.createRegistry() to create the JMX RMI registry and binds the server to the “jmxrmi” entry. It is possible to connect to the registry without authentication and call the rebind method to rebind jmxrmi to something else. If an attacker creates another server to proxy the original and binds that, he effectively becomes a man in the middle and is able to intercept the credentials when a user connects. Upgrade to Apache ActiveMQ 5.15.12.

Common Weakness Enumeration (CWE): CWE-306: Missing Authentication for Critical Function

CWE Description: The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.6
  • CVSS: 4.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact

  • Availability: NONE
  • Confidentiality: PARTIAL
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2020-13920 vulnerability.

CVE-2020-13932: In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS…

Published: 2020-07-20T22:15:00 Last Modified: 2021-01-28T18:03:00

Summary

In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability. The XSS payload is being injected into the admin console’s browser. The XSS payload is triggered in the diagram plugin; queue node and the info section.

Common Weakness Enumeration (CWE): CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

CWE Description: The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.6
  • CVSS: 4.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2020-13932 vulnerability.

CVE-2020-10727: A flaw was found in ActiveMQ Artemis management API from version 2.7.0 up until 2.12.0, where a…

Published: 2020-06-26T16:15:00 Last Modified: 2021-09-21T17:05:00

Summary

A flaw was found in ActiveMQ Artemis management API from version 2.7.0 up until 2.12.0, where a user inadvertently stores passwords in plaintext in the Artemis shadow file (etc/artemis-users.properties file) when executing the resetUsers operation. A local attacker can use this flaw to read the contents of the Artemis shadow file.

Common Weakness Enumeration (CWE): CWE-522: Insufficiently Protected Credentials

CWE Description: The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 3.9
  • CVSS: 2.1
  • CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Impact

  • Availability: NONE
  • Confidentiality: PARTIAL
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: LOCAL

Currently, there is no code for exploiting the CVE-2020-10727 vulnerability.

CVE-2020-1941: In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that…

Published: 2020-05-14T17:15:00 Last Modified: 2021-07-20T23:15:00

Summary

In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue.

Common Weakness Enumeration (CWE): CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

CWE Description: The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.6
  • CVSS: 4.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2020-1941 vulnerability.

CVE-2015-7559: It was found that the Apache ActiveMQ client before 5.15.5 exposed a remote shutdown command in…

Published: 2019-08-01T14:15:00 Last Modified: 2019-10-09T23:15:00

Summary

It was found that the Apache ActiveMQ client before 5.15.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.

Common Weakness Enumeration (CWE): CWE-20: Improper Input Validation

CWE Description: The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.0
  • CVSS: 4.0
  • CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: NONE
  • Integrity: NONE

Access

  • Authentication: SINGLE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2015-7559 vulnerability.

CVE-2019-0222: In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of…

Published: 2019-03-28T22:29:00 Last Modified: 2021-07-21T11:39:00

Summary

In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 10.0
  • CVSS: 5.0
  • CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: NONE
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2019-0222 vulnerability.

CVE-2018-8006: An instance of a cross-site scripting vulnerability was identified to be present in the web based…

Published: 2018-10-10T14:29:00 Last Modified: 2021-02-14T02:57:00

Summary

An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the queue.jsp page of Apache ActiveMQ versions 5.0.0 to 5.15.5. The root cause of this issue is improper data filtering of the QueueFilter parameter.

Common Weakness Enumeration (CWE): CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

CWE Description: The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.6
  • CVSS: 4.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2018-8006 vulnerability.

CVE-2018-11775: TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which…

Published: 2018-09-10T20:29:00 Last Modified: 2021-03-05T19:15:00

Summary

TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default.

Common Weakness Enumeration (CWE): CWE-295: Improper Certificate Validation

CWE Description: The software does not validate, or incorrectly validates, a certificate.

Scores

  • Impact Score: 4.9
  • Exploitability Score: 8.6
  • CVSS: 5.8
  • CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2018-11775 vulnerability.

CVE-2017-12174: It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and…

Published: 2018-03-07T22:29:00 Last Modified: 2021-01-28T16:37:00

Summary

It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.

Common Weakness Enumeration (CWE): CWE-400: Uncontrolled Resource Consumption

CWE Description: The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

Scores

  • Impact Score: 6.9
  • Exploitability Score: 10.0
  • CVSS: 7.8
  • CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Impact

  • Availability: COMPLETE
  • Confidentiality: NONE
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2017-12174 vulnerability.

CVE-2017-15709: When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain…

Published: 2018-02-13T20:29:00 Last Modified: 2021-03-05T19:15:00

Summary

When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain system details (such as the OS and kernel version) are exposed as plain text.

Common Weakness Enumeration (CWE): CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE Description: Separate mistakes or weaknesses could inadvertently make the sensitive information available to an attacker, such as in a detailed error message that can be read by an unauthorized party.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.6
  • CVSS: 4.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact

  • Availability: NONE
  • Confidentiality: PARTIAL
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2017-15709 vulnerability.

CVE-2016-6810: In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was…

Published: 2018-01-10T15:29:00 Last Modified: 2019-04-26T15:09:00

Summary

In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation.

Common Weakness Enumeration (CWE): CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

CWE Description: The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.6
  • CVSS: 4.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2016-6810 vulnerability.

CVE-2014-3600: XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote…

Published: 2017-10-27T19:29:00 Last Modified: 2019-03-27T20:29:00

Summary

XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.

Common Weakness Enumeration (CWE): CWE-611: Improper Restriction of XML External Entity Reference

CWE Description: The software processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Scores

  • Impact Score: 6.4
  • Exploitability Score: 10.0
  • CVSS: 7.5
  • CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2014-3600 vulnerability.

CVE-2014-3579: XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote…

Published: 2017-10-27T19:29:00 Last Modified: 2019-03-27T20:29:00

Summary

XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.

Common Weakness Enumeration (CWE): CWE-611: Improper Restriction of XML External Entity Reference

CWE Description: The software processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Scores

  • Impact Score: 6.4
  • Exploitability Score: 10.0
  • CVSS: 7.5
  • CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2014-3579 vulnerability.

CVE-2015-3208: XML external entity (XXE) vulnerability in the XPath selector component in Artemis ActiveMQ…

Published: 2017-07-25T18:29:00 Last Modified: 2018-10-17T10:29:00

Summary

XML external entity (XXE) vulnerability in the XPath selector component in Artemis ActiveMQ before commit 48d9951d879e0c8cbb59d4b64ab59d53ef88310d allows remote attackers to have unspecified impact via unknown vectors.

Common Weakness Enumeration (CWE): CWE-611: Improper Restriction of XML External Entity Reference

CWE Description: The software processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Scores

  • Impact Score: 6.4
  • Exploitability Score: 10.0
  • CVSS: 7.5
  • CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2015-3208 vulnerability.

CVE-2016-4978: The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis…

Published: 2016-09-27T15:59:00 Last Modified: 2021-01-29T16:30:00

Summary

The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget classes being present on the Artemis classpath.

Common Weakness Enumeration (CWE): CWE-502: Deserialization of Untrusted Data

CWE Description: The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

Scores

  • Impact Score: 6.4
  • Exploitability Score: 6.8
  • CVSS: 6.0
  • CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL

Access

  • Authentication: SINGLE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2016-4978 vulnerability.

CVE-2016-0782: The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and…

Published: 2016-08-05T15:59:00 Last Modified: 2019-03-27T20:29:00

Summary

The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.x before 5.13.2 allows remote authenticated users to conduct cross-site scripting (XSS) attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a queue.

Common Weakness Enumeration (CWE): CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

CWE Description: The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 6.8
  • CVSS: 3.5
  • CVSS Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: SINGLE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2016-0782 vulnerability.

CVE-2016-3088: The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to…

Published: 2016-06-01T20:59:00 Last Modified: 2019-03-27T20:29:00

Summary

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request.

Common Weakness Enumeration (CWE): CWE-20: Improper Input Validation

CWE Description: The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Scores

  • Impact Score: 6.4
  • Exploitability Score: 10.0
  • CVSS: 7.5
  • CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Exploits Database (Total Exploits Count: 2)

Code designed for conducting penetration testing on CVE-2016-3088 vulnerability.

CVE-2016-0734: The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an…

Published: 2016-04-07T19:59:00 Last Modified: 2019-03-27T20:29:00

Summary

The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element.

Common Weakness Enumeration (CWE): CWE-254: 7PK - Security Features

CWE Description: Software security is not security software. Here we’re concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.6
  • CVSS: 4.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2016-0734 vulnerability.

CVE-2015-5254: Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the…

Published: 2016-01-08T19:59:00 Last Modified: 2019-12-17T17:41:00

Summary

Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object.

Common Weakness Enumeration (CWE): CWE-20: Improper Input Validation

CWE Description: The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Scores

  • Impact Score: 6.4
  • Exploitability Score: 10.0
  • CVSS: 7.5
  • CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2015-5254 vulnerability.

CVE-2014-3612: The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in…

Published: 2015-08-24T14:59:00 Last Modified: 2019-03-27T20:29:00

Summary

The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind. NOTE: this identifier has been SPLIT per ADT2 due to different vulnerability types. See CVE-2015-6524 for the use of wildcard operators in usernames.

Common Weakness Enumeration (CWE): CWE-287: Improper Authentication

CWE Description: When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Scores

  • Impact Score: 6.4
  • Exploitability Score: 10.0
  • CVSS: 7.5
  • CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2014-3612 vulnerability.

CVE-2015-6524: The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in…

Published: 2015-08-24T14:59:00 Last Modified: 2016-12-09T14:29:00

Summary

The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows wildcard operators in usernames, which allows remote attackers to obtain credentials via a brute force attack. NOTE: this identifier was SPLIT from CVE-2014-3612 per ADT2 due to different vulnerability types.

Common Weakness Enumeration (CWE): CWE-255: Credentials Management Errors

CWE Description: Weaknesses in this category are related to the management of credentials.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 10.0
  • CVSS: 5.0
  • CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact

  • Availability: NONE
  • Confidentiality: PARTIAL
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2015-6524 vulnerability.

CVE-2015-1830: Directory traversal vulnerability in the fileserver upload/download functionality for blob…

Published: 2015-08-19T15:59:00 Last Modified: 2019-03-27T20:29:00

Summary

Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors.

Common Weakness Enumeration (CWE): CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)

CWE Description: The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 10.0
  • CVSS: 5.0
  • CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Exploits Database (Total Exploits Count: 2)

Code designed for conducting penetration testing on the CVE-2015-1830 vulnerability.

CVE-2014-3576: The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before…

Published: 2015-08-14T18:59:00 Last Modified: 2019-03-27T20:29:00

Summary

The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command.

Common Weakness Enumeration (CWE): CWE-264: Permissions, Privileges, and Access Controls

CWE Description: Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 10.0
  • CVSS: 5.0
  • CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: NONE
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2014-3576 vulnerability.

CVE-2014-8110: Multiple cross-site scripting (XSS) vulnerabilities in the web based administration console in…

Published: 2015-02-12T16:59:00 Last Modified: 2019-03-27T20:29:00

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the web based administration console in Apache ActiveMQ 5.x before 5.10.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Common Weakness Enumeration (CWE): CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

CWE Description: The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.6
  • CVSS: 4.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2014-8110 vulnerability.

CVE-2013-1880: Cross-site scripting (XSS) vulnerability in the Portfolio publisher servlet in the demo web…

Published: 2014-02-05T18:55:00 Last Modified: 2016-11-28T19:08:00

Summary

Cross-site scripting (XSS) vulnerability in the Portfolio publisher servlet in the demo web application in Apache ActiveMQ before 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the refresh parameter to demo/portfolioPublish, a different vulnerability than CVE-2012-6092.

Common Weakness Enumeration (CWE): CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

CWE Description: The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.6
  • CVSS: 4.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2013-1880 vulnerability.

CVE-2013-1879: Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier…

Published: 2013-07-20T03:37:00 Last Modified: 2017-08-29T01:33:00

Summary

Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the “cron of a message.”

Common Weakness Enumeration (CWE): CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

CWE Description: The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.6
  • CVSS: 4.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2013-1879 vulnerability.

CVE-2013-3060: The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows…

Published: 2013-04-21T21:55:00 Last Modified: 2016-11-28T19:09:00

Summary

The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.

Common Weakness Enumeration (CWE): CWE-287: Improper Authentication

CWE Description: When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Scores

  • Impact Score: 4.9
  • Exploitability Score: 10.0
  • CVSS: 6.4
  • CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: PARTIAL
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2013-3060 vulnerability.

CVE-2012-6092: Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before…

Published: 2013-04-21T21:55:00 Last Modified: 2016-11-28T19:08:00

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2) debug logs or (3) subscribe messages in webapp/websocket/chat.js. NOTE: AMQ-4124 is covered by CVE-2012-6551.

Common Weakness Enumeration (CWE): CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

CWE Description: The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.6
  • CVSS: 4.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2012-6092 vulnerability.

CVE-2012-6551: The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which…

Published: 2013-04-21T21:55:00 Last Modified: 2016-11-28T19:08:00

Summary

The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests.

Common Weakness Enumeration (CWE): CWE-399: Resource Management Errors

CWE Description: This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 10.0
  • CVSS: 5.0
  • CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: NONE
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2012-6551 vulnerability.

CVE-2012-5784: Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal…

Published: 2012-11-04T22:55:00 Last Modified: 2019-06-07T21:29:00

Summary

Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the subject’s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Common Weakness Enumeration (CWE): CWE-20: Improper Input Validation

CWE Description: The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Scores

  • Impact Score: 4.9
  • Exploitability Score: 8.6
  • CVSS: 5.8
  • CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2012-5784 vulnerability.

CVE-2011-4905: Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service (file-…

Published: 2012-01-05T16:55:00 Last Modified: 2012-01-05T19:13:00

Summary

Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.

Common Weakness Enumeration (CWE): CWE-399: Resource Management Errors

CWE Description: This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 10.0
  • CVSS: 5.0
  • CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: NONE
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2011-4905 vulnerability.

CVE-2010-1587: The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows…

Published: 2010-04-28T22:30:00 Last Modified: 2018-10-10T19:57:00

Summary

The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.

Common Weakness Enumeration (CWE): CWE-20: Improper Input Validation

CWE Description: The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 10.0
  • CVSS: 5.0
  • CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact

  • Availability: NONE
  • Confidentiality: PARTIAL
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Exploits Database (Total Exploits Count: 1)

Code designed for conducting penetration testing on the CVE-2010-1587 vulnerability.

CVE-2010-0684: Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before…

Published: 2010-04-05T16:30:00 Last Modified: 2018-10-10T19:53:00

Summary

Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action.

Common Weakness Enumeration (CWE): CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

CWE Description: The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 6.8
  • CVSS: 3.5
  • CVSS Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Impact

  • Availability: NONE
  • Confidentiality: NONE
  • Integrity: PARTIAL

Access

  • Authentication: SINGLE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2010-0684 vulnerability.

CVE-2010-1244: Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ…

Published: 2010-04-05T16:30:00 Last Modified: 2017-08-17T01:32:00

Summary

Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.

Common Weakness Enumeration (CWE): CWE-352: Cross-Site Request Forgery (CSRF)

CWE Description: The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

Scores

  • Impact Score: 6.4
  • Exploitability Score: 8.6
  • CVSS: 6.8
  • CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2010-1244 vulnerability.
