CVE-2023-4066

🗓️ 27 Sep 2023 20:54:42Reported by redhatType

A flaw in Red Hat's AMQ Broker exposes passwords in plaintex

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2023-4066	28 Sep 202300:41	–	circl
CNNVD	Red Hat AMQ Broker 安全漏洞	23 Aug 202300:00	–	cnnvd
Cvelist	CVE-2023-4066 Operator: passwords defined in secrets shown in statefulset yaml	27 Sep 202320:54	–	cvelist
EUVD	EUVD-2023-53956	3 Oct 202520:07	–	euvd
NVD	CVE-2023-4066	27 Sep 202321:15	–	nvd
OSV	CVE-2023-4066	27 Sep 202321:15	–	osv
Prion	Design/Logic Flaw	27 Sep 202321:15	–	prion
Positive Technologies	PT-2023-27582 · Red Hat · Red Hat Amq Broker	27 Sep 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-4066	23 Aug 202312:49	–	redhatcve
RedHat Linux	Moderate: Red Hat Security Advisory: AMQ Broker 7.11.1.OPR.2.GA Container Images Release	23 Aug 202315:08	–	redhat

NVD

Node

redhat jboss_a-mqMatch7

redhat jboss_middlewareMatch1

Node

redhat openshift_container_platformMatch4.11

redhat openshift_container_platformMatch4.12

AND

redhat enterprise_linuxMatch8.0

[
  {
    "vendor": "Red Hat",
    "product": "RHEL-8 based Middleware Containers",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "amq7/amq-broker-rhel8-operator",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "7.11.1-9",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhosemc:1.0::el8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "RHEL-8 based Middleware Containers",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "amq7/amq-broker-rhel8-operator-bundle",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "7.11.1-12",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhosemc:1.0::el8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat AMQ Broker 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "activemq-broker-operator",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/a:redhat:amq_broker:7"
    ]
  }
]

Source	Link
access	www.access.redhat.com/security/cve/CVE-2023-4066
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/errata/RHSA-2023:4720

20 Nov 2025 19:52Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.15.5

EPSS0.00041

SSVC