redhatcve | Redhat.com | RH:CVE-2024-32114
History: May 03, 2024 - 5:52 a.m.

CVE-2024-32114

2024-05-03 05:52:43
redhat.com
access.redhat.com
Tags: apache activemq, insecure default configuration, jolokia, rest api, security restrictions, missing authorization, unauthenticated attacker, broker, jmx rest api, message rest api

CVSS3: 8.5 High
CVSS3 vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H
Attack Vector: ADJACENT
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: HIGH

AI Score: 8.3 High (Confidence: High)
EPSS: 0.0004 Low (Percentile: 9.1%)

A flaw was found in Apache ActiveMQ. The vulnerability stems from an insecure default configuration of Jolokia and the REST API, which allows any user to bypass security restrictions. It exists because the application's REST API lacks authorization checks: the default configuration does not secure the API web context where the Jolokia JMX REST API and the Message REST API are located. This flaw allows an unauthenticated attacker to interact with the broker through the Jolokia JMX REST API, and to produce or consume messages or purge or delete destinations through the Message REST API.

Mitigation

Mitigation for this issue is either not available, or the currently available options do not meet the Red Hat Product Security criteria, which comprise ease of use and deployment, applicability to a widespread installation base, and stability.
