Lucene search
This script is Copyright (C) 2018-2024 and is owned by Tenable, Inc. or an Affiliate thereof.ACTIVEMQ_5_15_5.NASLHistoryAug 30, 2018 - 12:00 a.m.
Apache ActiveMQ 5.x < 5.15.5 Multiple Vulnerabilities
2018-08-3000:00:00
This script is Copyright (C) 2018-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
168
7.5 High
AI Score
Confidence
Low
The version of Apache ActiveMQ running on the remote host is 5.x prior to 5.15.5. It is, therefore, affected by multiple vulnerabilities.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(112192);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/19");
script_cve_id(
"CVE-2012-0881",
"CVE-2014-0114",
"CVE-2015-5182",
"CVE-2016-3092",
"CVE-2016-5425",
"CVE-2016-6325",
"CVE-2016-8735",
"CVE-2018-7489",
"CVE-2018-8006"
);
script_bugtraq_id(
67121,
68753,
91453,
93472,
93478,
94463,
103203,
105156
);
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2023/06/02");
script_name(english:"Apache ActiveMQ 5.x < 5.15.5 Multiple Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"A web application running on the remote host is affected by multiple
vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Apache ActiveMQ running on the remote host is 5.x prior
to 5.15.5. It is, therefore, affected by multiple vulnerabilities.");
script_set_attribute(attribute:"see_also", value:"http://activemq.apache.org/activemq-5155-release.html");
script_set_attribute(attribute:"solution", value:
"Upgrade to Apache ActiveMQ version 5.15.5 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-7489");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Apache Struts ClassLoader Manipulation Remote Code Execution');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/06");
script_set_attribute(attribute:"patch_publication_date", value:"2018/08/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/30");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/a:apache:activemq");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_set_attribute(attribute:"agent", value:"unix");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2018-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("activemq_web_console_detect.nasl","apache_activemq_nix_installed.nbin","activemq_listen_port_detect.nbin");
script_require_keys("installed_sw/Apache ActiveMQ");
exit(0);
}
include("vcf.inc");
var app = vcf::combined_get_app_info(app:'Apache ActiveMQ');
var constraints = [
{ "min_version" : "5.0.0", "max_version" : "5.15.4", "fixed_version" : "5.15.5" }
];
vcf::check_version_and_report(app_info:app, constraints:constraints, severity:SECURITY_HOLE, flags:{flags: {'xss':TRUE}, xsrf:TRUE});
References
activemq.apache.org/activemq-5155-release.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0881
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5182
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5425
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6325
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8006
Related
ibm
ibm
redhat
redhat
nessus
nessus
EulerOS 2.0 SP1 : tomcat (EulerOS-SA-2016-1049)
2017-05-01 00:00:00
Oracle Linux 7 : tomcat (ELSA-2016-2046) (httpoxy)
2016-10-11 00:00:00
RHEL 7 : tomcat (RHSA-2016:2046) (httpoxy)
2016-10-11 00:00:00
osv
osv
Apache ActiveMQ web console vulnerable to Cross-site Scripting
2018-10-30 20:48:58
CVE-2018-8006
2018-10-10 14:29:00
Denial of service in Apache Xerces2
2020-06-15 18:51:38
nuclei
nuclei
Apache ActiveMQ <=5.15.5 - Cross-Site Scripting
2021-01-09 14:45:11
oraclelinux
oraclelinux
tomcat security update
2016-10-10 00:00:00
openvas
openvas
RedHat Update for tomcat RHSA-2016:2046-01
2016-10-11 00:00:00
Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2016-1049)
2020-01-23 00:00:00
CentOS Update for tomcat CESA-2016:2046 centos7
2016-10-12 00:00:00
centos
centos
tomcat security update
2016-10-11 18:36:52
checkpoint_advisories
checkpoint_advisories
Apache ActiveMQ QueueFilter Cross-Site Scripting (CVE-2018-8006)
2018-08-23 00:00:00
Apache Tomcat Remote Code Execution (CVE-2016-8735)
2020-03-27 00:00:00
Apache Commons FileUpload Denial Of Service (CVE-2016-3092)
2016-07-31 00:00:00
threatpost
threatpost
Cross-Site Scripting Flaw in Apache ActiveMQ Threatens Web Visitors
2018-08-24 15:25:01
ubuntucve
ubuntucve
github
github
Apache ActiveMQ web console vulnerable to Cross-site Scripting
2018-10-30 20:48:58
Denial of service in Apache Xerces2
2020-06-15 18:51:38
debiancve
debiancve
zdt
zdt
Apache Tomcat Privilege Escalation Exploit
2023-03-14 00:00:00
Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation
2016-10-10 00:00:00
myhack58
myhack58
Vulnerability and early warning: based on the RedHat distribution of Apache Tomcat local to mention the right vulnerability-vulnerability warning-the black bar safety net
2016-10-12 00:00:00
redhatcve
redhatcve
f5
f5
SOL73644551 - Apache Tomcat vulnerability CVE-2016-6325
2016-10-20 00:00:00
K73644551 : Apache Tomcat vulnerability CVE-2016-6325
2016-10-20 00:00:00
K61414056 : Apache Tomcat vulnerability CVE-2016-5425
2016-10-20 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2018-10-11 07:28:11
Privilege Escalation
2019-05-20 00:08:58
Denial Of Service (DoS)
2017-10-31 05:53:02
cve
cve
prion
prion
Design/Logic Flaw
2016-10-13 14:59:00
Design/Logic Flaw
2016-10-13 14:59:00
Cross site scripting
2018-10-10 14:29:00
packetstorm
packetstorm
Apache Tomcat Privilege Escalation
2023-03-14 00:00:00
Apache Tomcat 8 / 7 / 6 Privilege Escalation
2016-10-10 00:00:00
exploitpack
exploitpack
Apache Tomcat 876 (RedHat Based Distros) - Local Privilege Escalation
2016-10-10 00:00:00
metasploit
metasploit
jvn
jvn
atlassian
atlassian
Upgrade Tomcat to 8.0.36 or later
2016-07-14 14:22:05
Upgrade Tomcat to 8.0.36 or later
2016-07-14 14:22:05
Upgrade Tomcat to 8.0.36 or later
2016-07-14 14:22:05
debian
debian
[SECURITY] [DLA 529-1] tomcat7 security update
2016-06-26 18:59:17
[SECURITY] [DSA 3614-1] tomcat7 security update
2016-07-02 12:54:16
[SECURITY] [DSA 3611-1] libcommons-fileupload-java security update
2016-06-30 08:44:01
tomcat
tomcat
Fixed in Apache Tomcat 9.0.0.M8
2016-06-13 00:00:00
Fixed in Apache Tomcat 8.5.3 and 8.0.36
2016-06-13 00:00:00
Fixed in Apache Tomcat 7.0.70
2016-06-20 00:00:00
freebsd
freebsd
Apache Commons FileUpload -- denial of service
2016-06-21 00:00:00
Apache Commons FileUpload -- denial of service (DoS) vulnerability
2016-06-20 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: tomcat-8.0.36-2.fc25
2016-09-01 13:43:39
[SECURITY] Fedora 28 Update: jackson-databind-2.9.4-3.fc28
2018-04-01 00:46:43
[SECURITY] Fedora 23 Update: tomcat-8.0.36-2.fc23
2016-09-01 18:56:38
amazon
amazon
Medium: tomcat7, tomcat8
2016-08-17 13:30:00
mageia
mageia
Updated tomcat/apache-commons-fileupload packages fix security vulnerability
2016-07-27 00:16:28
ubuntu
ubuntu
Tomcat vulnerability
2016-07-06 00:00:00