Описание
It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the credentials passed to it. An attacker could use this flaw to launch a denial of service attack.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat JBoss A-MQ 6 | Karaf | Affected | ||
| Red Hat JBoss Fuse 6 | Karaf | Affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-502
https://bugzilla.redhat.com/show_bug.cgi?id=1398524Fuse-6: JMX endpoint deserializes untrusted credentials.
EPSS
Процентиль: 57%
0.00345
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Связанные уязвимости
CVSS3: 5.3
nvd
больше 7 лет назад
It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the credentials passed to it. An attacker could use this flaw to launch a denial of service attack.
CVSS3: 5.3
github
больше 3 лет назад
It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the credentials passed to it. An attacker could use this flaw to launch a denial of service attack.
EPSS
Процентиль: 57%
0.00345
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2