cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-50780,https://securityvulnerability.io/vulnerability/CVE-2023-50780,Arbitrary File Write Vulnerability in ActiveMQ Artemis Could Lead to RCE,"The vulnerability in Apache ActiveMQ Artemis originates from the unauthorized exposure of diagnostic information and control mechanisms through MBeans, particularly accessible via the authenticated Jolokia endpoint. Prior to version 2.29.0, the Log4J2 MBean was also part of this exposure, which is not intended for non-administrative user access. An authenticated attacker can leverage this situation to write arbitrary files to the filesystem, paving the way for potential remote code execution. It is strongly recommended that users upgrade to version 2.29.0 or later to mitigate this risk.",Apache,Apache ActiveMQ Artemis,8.8,HIGH,0.0006500000017695129,false,,false,false,true,2024-12-18T07:07:24.000Z,true,false,false,,2024-10-14T16:03:38.321Z,0
CVE-2024-32114,https://securityvulnerability.io/vulnerability/CVE-2024-32114,Default Configuration Flaw Exposes ActiveMQ Broker to Unauthorized Access,"In Apache ActiveMQ versions prior to 6.1.2, the default security configuration fails to secure key API endpoints, specifically the Jolokia JMX REST API and the Message REST API. This lack of authentication enables unauthorized users to access sensitive functionalities, allowing potential manipulation of the broker's operations, including message production, consumption, and destination deletion. To prevent unauthorized access, it is crucial to update the conf/jetty.xml configuration file to enforce authentication or upgrade to version 6.1.2 where security measures are implemented by default.",Apache,Apache ActiveMQ,8.8,HIGH,0.006560000125318766,false,,false,false,false,,,false,false,,2024-05-02T08:29:18.219Z,0
CVE-2022-41678,https://securityvulnerability.io/vulnerability/CVE-2022-41678,Apache ActiveMQ: Insufficient API restrictions on Jolokia allow authenticated users to perform RCE,"A vulnerability exists in ActiveMQ due to improper handling of requests via Jolokia, which allows authenticated users to trigger arbitrary code execution. By manipulating JMX requests through the ExecHandler, it becomes possible for an attacker to execute arbitrary code by using unrestricted deserialization methods available in certain Java versions. This could potentially lead to the deployment of web shells that compromise the server. It is crucial for users to apply stricter configurations or disable Jolokia to mitigate this risk, specifically in ActiveMQ distributions version 5.16.6, 5.17.4, 5.18.0, and 6.0.0.",Apache,Apache ActiveMQ,8.8,HIGH,0.008369999937713146,false,,false,false,true,2024-11-29T05:48:21.000Z,true,false,false,,2023-11-28T15:08:38.338Z,0
CVE-2023-46604,https://securityvulnerability.io/vulnerability/CVE-2023-46604,Remote Code Execution Vulnerability Affects Java OpenWire Protocol Marshaller,"The Java OpenWire protocol marshaller in Apache ActiveMQ is susceptible to a remote code execution vulnerability, allowing attackers with network access to execute arbitrary shell commands. By manipulating serialized class types in the OpenWire protocol, an attacker can cause the client or broker to instantiate any class located on the classpath. This vulnerability affects both brokers and clients, underscoring the importance of timely updates to versions 5.15.16, 5.16.7, 5.17.6, or 5.18.3 to mitigate the associated risks.",Apache,"Apache ActiveMQ,Apache ActiveMQ Legacy Openwire Module",9.8,CRITICAL,0.9701799750328064,true,2023-11-02T00:00:00.000Z,true,true,true,2023-11-02T00:00:00.000Z,true,false,false,,2023-10-27T15:15:00.000Z,167
CVE-2022-35278,https://securityvulnerability.io/vulnerability/CVE-2022-35278,HTML Injection in ActiveMQ Artemis Web Console,"In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue.",Apache,Apache ActiveMQ Artemis,6.1,MEDIUM,0.0029100000392645597,false,,false,false,false,,,false,false,,2022-08-23T00:00:00.000Z,0
CVE-2022-23913,https://securityvulnerability.io/vulnerability/CVE-2022-23913,Apache ActiveMQ Artemis DoS,"In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.",Apache,Apache ActiveMQ Artemis,7.5,HIGH,0.0013599999947473407,false,,false,false,false,,,false,false,,2022-02-04T22:33:01.000Z,0
CVE-2020-13947,https://securityvulnerability.io/vulnerability/CVE-2020-13947,Cross-Site Scripting Vulnerability in Apache ActiveMQ Web Console,"A cross-site scripting vulnerability exists in the web-based administration console of Apache ActiveMQ, specifically on the message.jsp page. This flaw allows attackers to inject malicious scripts into web pages viewed by users, potentially compromising sensitive data and leading to unauthorized actions. It is crucial for users of affected versions to implement security patches to mitigate this risk.",Apache,Apache ActiveMQ,6.1,MEDIUM,0.01334999967366457,false,,false,false,false,,,false,false,,2021-02-08T21:25:27.000Z,0
CVE-2021-26118,https://securityvulnerability.io/vulnerability/CVE-2021-26118,Flaw in ActiveMQ Artemis OpenWire support,While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error.,Apache,Apache ActiveMQ Artemis,7.5,HIGH,0.0023300000466406345,false,,false,false,false,,,false,false,,2021-01-27T18:55:13.000Z,0
CVE-2021-26117,https://securityvulnerability.io/vulnerability/CVE-2021-26117,ActiveMQ: LDAP-Authentication does not verify passwords on servers with anonymous bind,"The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users password in error, resulting in no check on the password.",Apache,Apache ActiveMQ,7.5,HIGH,0.001610000035725534,false,,false,false,false,,,false,false,,2021-01-27T00:00:00.000Z,0
CVE-2020-11998,https://securityvulnerability.io/vulnerability/CVE-2020-11998,Remote Code Execution Vulnerability in Apache ActiveMQ by Oracle,"A regression in Apache ActiveMQ allows a remote client to exploit a flaw in the RMIConnectorServer by supplying an empty environment map, resulting in the possibility for executing arbitrary code through the creation of MBeans from untrusted URLs. If no security manager is present, this vulnerability may be exploited to compromise affected Java applications. To mitigate this issue, it is imperative to upgrade to Apache ActiveMQ version 5.15.13 or later.",Apache,Apache ActiveMQ,9.8,CRITICAL,0.004470000043511391,false,,false,false,false,,,false,false,,2020-09-10T18:10:22.000Z,0
CVE-2020-13920,https://securityvulnerability.io/vulnerability/CVE-2020-13920,Remote Code Execution Vulnerability in Apache ActiveMQ,"Apache ActiveMQ uses LocateRegistry.createRegistry() to create a JMX RMI registry, allowing unauthenticated access to the 'jmxrmi' entry. An attacker can exploit this by connecting to the registry and utilizing the rebind method to redirect 'jmxrmi' to a malicious server. This scenario can lead to man-in-the-middle attacks, enabling the attacker to potentially intercept sensitive user credentials when they connect to the original server. To mitigate this vulnerability, it is essential to upgrade to Apache ActiveMQ version 5.15.12 or later.",Apache,Apache ActiveMQ,5.9,MEDIUM,0.004259999841451645,false,,false,false,false,,,false,false,,2020-09-10T00:00:00.000Z,0
CVE-2020-13932,https://securityvulnerability.io/vulnerability/CVE-2020-13932,Remote Cross-Site Scripting in Apache ActiveMQ Artemis,"A vulnerability within Apache ActiveMQ Artemis versions 2.5.0 to 2.13.0 allows an attacker to execute remote cross-site scripting (XSS) attacks via specially crafted MQTT packets. These packets can include malicious scripts in the client-id or topic name, which upon processing trigger an injection into the admin console's browser. This exploitation specifically affects the diagram plugin and the info section of queue nodes, posing a security risk to users accessing the web console.",Apache,Apache ActiveMQ Artemis,6.1,MEDIUM,0.005400000140070915,false,,false,false,false,,,false,false,,2020-07-20T21:08:34.000Z,0
CVE-2020-1941,https://securityvulnerability.io/vulnerability/CVE-2020-1941,XSS Vulnerability in Apache ActiveMQ Admin GUI,"A Cross-Site Scripting (XSS) vulnerability exists in the Apache ActiveMQ webconsole admin GUI that could allow an attacker to inject malicious scripts. This issue affects versions 5.0.0 through 5.15.11, and could be exploited when the contents of a queue are viewed. Proper user input validation and sanitization practices are essential to mitigate this risk and protect sensitive data.",Apache,Apache ActiveMQ,6.1,MEDIUM,0.0036800000816583633,false,,false,false,false,,,false,false,,2020-05-14T16:29:26.000Z,0
CVE-2019-0222,https://securityvulnerability.io/vulnerability/CVE-2019-0222,Unmarshal Issues in Apache ActiveMQ MQTT Broker,"In specific versions of Apache ActiveMQ, a vulnerability exists that allows corrupt MQTT frames to be processed during unmarshalling, potentially leading to an Out of Memory exception in the broker. This can result in the broker becoming unresponsive, disrupting service and impacting applications that rely on message queuing. It is crucial for users of affected versions to apply updates or mitigations as provided by Apache to prevent such disruptions.",Apache,Apache ActiveMQ,7.5,HIGH,0.006049999967217445,false,,false,false,false,,,false,false,,2019-03-28T21:16:12.000Z,0
CVE-2018-8006,https://securityvulnerability.io/vulnerability/CVE-2018-8006,,An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the queue.jsp page of Apache ActiveMQ versions 5.0.0 to 5.15.5. The root cause of this issue is improper data filtering of the QueueFilter parameter.,Apache,Apache ActiveMQ,6.1,MEDIUM,0.3603000044822693,false,,false,false,false,,,false,false,,2018-10-10T00:00:00.000Z,0
CVE-2018-11775,https://securityvulnerability.io/vulnerability/CVE-2018-11775,,TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default.,Apache,Apache ActiveMQ,7.4,HIGH,0.003329999977722764,false,,false,false,false,,,false,false,,2018-09-10T00:00:00.000Z,0
CVE-2017-15709,https://securityvulnerability.io/vulnerability/CVE-2017-15709,,When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain system details (such as the OS and kernel version) are exposed as plain text.,Apache,Apache ActiveMQ,3.7,LOW,0.0018100000452250242,false,,false,false,false,,,false,false,,2018-02-13T00:00:00.000Z,0
CVE-2016-6810,https://securityvulnerability.io/vulnerability/CVE-2016-6810,,"In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation.",Apache,Apache ActiveMQ,6.1,MEDIUM,0.003599999938160181,false,,false,false,false,,,false,false,,2018-01-10T15:29:00.000Z,0