Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

The vulnerability of the Hawtio web console in the Apache ActiveMQ software platform allows a malicious actor to reuse the session identifier of an authenticated user.

🗓️ 03 Nov 2017 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Hawtio console vulnerability in ActiveMQ allows session reuse due to cookies lacking secure attributes.

Related
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: Resilient is vulnerable to Using Components with Known Vulnerabilities
19 Apr 202121:45
ibm
IBM Security Bulletins		Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities
18 Feb 201914:10
ibm
IBM Security Bulletins		Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - activemq-camel-5.15.9.jar (CVE-2015-5182, CVE-2015-5183, CVE-2015-5184, CVE-2020-1941)
31 Aug 202022:52
ibm
CNVD		Red Hat JBoss A-MQ Hawtio console security bypass vulnerability
12 Oct 201700:00
cnvd
CVE		CVE-2015-5183
25 Sep 201721:00
cve
Cvelist		CVE-2015-5183
25 Sep 201721:00
cvelist
EUVD		EUVD-2015-5184
7 Oct 202500:30
euvd
NVD		CVE-2015-5183
25 Sep 201721:29
nvd
Prion		Command injection
25 Sep 201721:29
prion
RedHat Linux		Low: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R9 security and bug fix update
1 Oct 201819:42
redhat
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
23 Mar 2021 00:00Current
7.4High risk
Vulners AI Score7.4
CVSS 36.3
CVSS 27.5
EPSS0.00396
Hawtio consoleActiveMQ platformSession reuseCookie attributesSecure attributeCookie security
1