CVE-2015-5254

🗓️ 08 Jan 2016 19:00:00Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 199 Views

Apache ActiveMQ 5.x before 5.13.0 allows remote code execution via crafted serialized JMS ObjectMessage object

Reporter	Title	Published	Views	Family All 67
IBM Security Bulletins	Security Bulletin: IBM Tivoli Netcool Impact is affected by multiple vulnerabilities in IBM Tivoli Integrated Portal (TIP)	17 Jun 201815:50	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in Jazz for Service Management shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2015-5254)	17 Jun 201815:48	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities in ActiveMQ Affect IBM Sterling B2B Integrator	5 Feb 202000:53	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Jazz for Service Management is vulnerable due to Log4j 1.2 SocketServer Remote Code Execution and Deserialization of Untrusted Data	24 Jun 202511:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Tivoli Netcool Impact affected by OpenSource Apache ActiveMQ Vulnerability (CVE-2015-5254)	17 Jun 201815:48	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Apache ActiveMQ affects IBM Control Center (CVE-2015-5254)	17 Dec 201922:47	–	ibm
IBM Security Bulletins	Security Bulletin: OpenSource Apache ActiveMQ Vulnerability identified with Jazz for Service Management (JazzSM) v1.1.3 (CVE-2015-5254)	17 Jun 201815:47	–	ibm
IBM Security Bulletins	Security Bulletin: OpenSource Apache ActiveMQ vulnerabilities identified with IBM Tivoli Integrated Portal (TIP) v2.2	17 Jun 201815:50	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in IBM Tivoli Integrated Portal (TIP) shipped with Tivoli Business Service Manager (CVE-2015-5254, CVE-2014-3600, CVE-2014-3612, CVE-2014-8110, CVE-2014-3579)	17 Jun 201815:50	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management	2 May 202412:46	–	ibm

NVD

Node

redhat openshiftMatch2.0

Node

apache activemqMatch5.0.0

apache activemqMatch5.1.0

apache activemqMatch5.2.0

apache activemqMatch5.3.0

apache activemqMatch5.3.1

apache activemqMatch5.3.2

apache activemqMatch5.4.0

apache activemqMatch5.4.1

apache activemqMatch5.4.3

apache activemqMatch5.5.0

apache activemqMatch5.5.1

apache activemqMatch5.6.0

apache activemqMatch5.7.0

apache activemqMatch5.8.0

apache activemqMatch5.9.0

apache activemqMatch5.9.1

apache activemqMatch5.10.0

apache activemqMatch5.10.1

apache activemqMatch5.10.2

apache activemqMatch5.11.0

apache activemqMatch5.11.1

apache activemqMatch5.11.2

apache activemqMatch5.12.0

apache activemqMatch5.12.1

Node

fedoraproject fedoraMatch22

fedoraproject fedoraMatch23

Source	Link
h20566	www.h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay
lists	www.lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
lists	www.lists.fedoraproject.org/pipermail/package-announce/2015-December/174537.html
rhn	www.rhn.redhat.com/errata/RHSA-2016-2036.html
rhn	www.rhn.redhat.com/errata/RHSA-2016-0489.html
oracle	www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
lists	www.lists.fedoraproject.org/pipermail/package-announce/2015-December/174371.html
issues	www.issues.apache.org/jira/browse/AMQ-6013
openwall	www.openwall.com/lists/oss-security/2015/12/08/6
debian	www.debian.org/security/2016/dsa-3524

06 May 2026 22:30Current

8.7High risk

Vulners AI Score8.7

CVSS 27.5

CVSS 39.8

EPSS0.8038

CWE-20