Описание
It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.
It was found that the Apache ActiveMQ client exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat JBoss A-MQ 6.2.1 | amq-client | Affected | ||
| Red Hat JBoss A-MQ 6.3 | Fixed | RHSA-2017:0868 | 03.04.2017 | |
| Red Hat JBoss Fuse 6.3 | Fixed | RHSA-2017:0868 | 03.04.2017 |
Показывать по
Дополнительная информация
Статус:
2.7 Low
CVSS3
2.6 Low
CVSS2
Связанные уязвимости
It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.
It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.
It was found that the Apache ActiveMQ client before 5.14.5 exposed a r ...
Improper Input Validation and Missing Authentication for Critical Function in Apache ActiveMQ
2.7 Low
CVSS3
2.6 Low
CVSS2