Описание
When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain system details (such as the OS and kernel version) are exposed as plain text.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat JBoss Fuse 6 | Broker | Not affected | ||
| Red Hat JBoss Fuse Service Works 6 | activemq-openwire-generator | Out of support scope |
Показывать по
10
Дополнительная информация
Статус:
Low
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1548057activemq-openwire-generator: Information Exposure in ActiveMQ
EPSS
Процентиль: 98%
0.65728
Средний
3.5 Low
CVSS3
Связанные уязвимости
CVSS3: 3.7
ubuntu
почти 8 лет назад
When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain system details (such as the OS and kernel version) are exposed as plain text.
CVSS3: 3.7
nvd
почти 8 лет назад
When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain system details (such as the OS and kernel version) are exposed as plain text.
CVSS3: 3.7
debian
почти 8 лет назад
When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 ...
CVSS3: 3.7
github
больше 3 лет назад
ActiveMQ's OpenWire protocol exposes certain system details as plain text
EPSS
Процентиль: 98%
0.65728
Средний
3.5 Low
CVSS3