Описание
The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 5.7.0 (включая)
Одно из
cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:4.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:4.0:rc2:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01019
Низкий
6.4 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
ubuntu
почти 13 лет назад
The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.
redhat
больше 13 лет назад
The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.
debian
почти 13 лет назад
The web console in Apache ActiveMQ before 5.8.0 does not require authe ...
EPSS
Процентиль: 77%
0.01019
Низкий
6.4 Medium
CVSS2
Дефекты
CWE-287