7 matches found
Improper Input Validation
Overview org.apache.activemq:activemq-broker is a high performance Apache 2.0 licensed Message Broker and JMS 1.1 implementation. Affected versions of this package are vulnerable to Improper Input Validation over the /api/jolokia MBeans interface. A user can execute arbitrary code on the broker's...
CVE-2019-12124
An issue was discovered in ONAP APPC before Dublin. By using an exposed unprotected Jolokia interface, an unauthenticated attacker can read or overwrite an arbitrary file. All APPC setups are affected...
EUVD-2019-3775
Malware in sbrugna...
The vulnerability of the interface configurations of the Jolokia JMX REST API and the Message REST API of the Apache ActiveMQ software platform allows a perpetrator to gain access to read, modify, or delete information.
The vulnerability of the Jolokia JMX REST API and Message REST API interface configurations of the Apache ActiveMQ software platform is related to insecure resource initialization due to the absence of authentication procedures. Exploiting this vulnerability could allow an attacker to gain read,...
PT-2024-3291
Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions 6.x prior to 6.1.2 Description The default configuration does not secure the API web context, leading to insecure resource initialization due to a lack of authentication. This allows remote attackers to use the Jolokia...
CVE-2019-12124
An issue was discovered in ONAP APPC before Dublin. By using an exposed unprotected Jolokia interface, an unauthenticated attacker can read or overwrite an arbitrary file. All APPC setups are affected...
Design/Logic Flaw
An issue was discovered in ONAP APPC before Dublin. By using an exposed unprotected Jolokia interface, an unauthenticated attacker can read or overwrite an arbitrary file. All APPC setups are affected...