Lucene search
K

15 matches found

vulnersOsv
vulnersOsv
added 2022/05/14 1:14 a.m.4 views

com.artnaseef:activemq-maven-plugin (=5.10.0), com.github.cchacin:cucumber-common-steps (>=0.0.2 <=0.1.8) +156 more potentially affected by CVE-2014-3612 via org.apache.activemq:activemq-broker (=5.10.0)

org.apache.activemq:activemq-broker MAVEN version =5.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.activemq:activemq-broker and may be impacted: - com.artnaseef:activemq-maven-plugin =5.10.0 - com.github.cchacin:cucumber-common-steps...

7.5CVSS7.2AI score0.07378EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:50 p.m.44 views

Security Bulletin: Security vulnerabilities have been identified in IBM Tivoli Integrated Portal (TIP) shipped with Tivoli Business Service Manager (CVE-2015-5254, CVE-2014-3600, CVE-2014-3612, CVE-2014-8110, CVE-2014-3579)

Summary IBM Tivoli Integrated Portal TIP is shipped as a component of Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM Tivoli Integrated Portal TIP have been published in a security bulletin. Vulnerability Details Please consult the Security Bulletin:...

9.8CVSS2.8AI score0.38191EPSS
Exploits5Affected Software1
OpenVAS
OpenVAS
added 2017/11/07 12:0 a.m.40 views

Apache ActiveMQ < 5.10.1 Multiple Security Vulnerabilities - Windows

Apache ActiveMQ is prone to multiple security vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:activemq";...

9.8CVSS8.8AI score0.09851EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2017/11/07 12:0 a.m.46 views

Apache ActiveMQ < 5.10.1 Multiple Security Vulnerabilities - Linux

Apache ActiveMQ is prone to multiple security vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:activemq";...

9.8CVSS8.8AI score0.09851EPSS
Exploits1References1
0day.today
0day.today
added 2015/08/28 12:0 a.m.77 views

Apache ActiveMQ 5.0.0 - 5.10.0 JAAS LDAPLoginModule empty password authentication Vulnerability

Exploit for multiple platform in category web applications CVE-2014-3612: ActiveMQ JAAS: LDAPLoginModule allows empty password authentication and Wildcard Interpretation Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache ActiveMQ 5.0.0 - 5.10.0 Description: It wa...

5CVSS0.1AI score0.08468EPSS
Exploits1
NVD
NVD
added 2015/08/24 2:59 p.m.30 views

CVE-2014-3612

The LDAPLoginModule implementation in the Java Authentication and Authorization Service JAAS in Apache ActiveMQ 5.x before 5.10.1 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind. NOTE: this identifier...

7.5CVSS9AI score0.07378EPSS
Exploits1References6
Prion
Prion
added 2015/08/24 2:59 p.m.25 views

Authentication flaw

The LDAPLoginModule implementation in the Java Authentication and Authorization Service JAAS in Apache ActiveMQ 5.x before 5.10.1 allows wildcard operators in usernames, which allows remote attackers to obtain credentials via a brute force attack. NOTE: this identifier was SPLIT from CVE-2014-361...

5CVSS6.7AI score0.08468EPSS
Exploits1References3Affected Software2
UbuntuCve
UbuntuCve
added 2015/08/24 2:59 p.m.32 views

CVE-2014-3612

The LDAPLoginModule implementation in the Java Authentication and Authorization Service JAAS in Apache ActiveMQ 5.x before 5.10.1 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind. NOTE: this identifier...

7.5CVSS6.7AI score0.07378EPSS
Exploits1References5
OSV
OSV
added 2015/08/24 2:59 p.m.10 views

CVE-2014-3612

The LDAPLoginModule implementation in the Java Authentication and Authorization Service JAAS in Apache ActiveMQ 5.x before 5.10.1 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind. NOTE: this identifier...

7.5CVSS7.1AI score0.07378EPSS
Exploits1References6
Cvelist
Cvelist
added 2015/08/24 2:0 p.m.24 views

CVE-2014-3612

The LDAPLoginModule implementation in the Java Authentication and Authorization Service JAAS in Apache ActiveMQ 5.x before 5.10.1 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind. NOTE: this identifier...

9AI score0.07378EPSS
Exploits1References6
CVE
CVE
added 2015/08/24 2:0 p.m.154 views

CVE-2014-3612

CVE-2014-3612 affects Apache ActiveMQ 5.x (JAAS LDAPLoginModule). The vulnerability lets an attacker authenticate with a valid username and an empty password, causing an unauthenticated bind and bypass of authentication. Remediation: upgrade to ActiveMQ 5.10.1 or later (or apply vendor patch) as ...

7.5CVSS9.7AI score0.07378EPSS
Exploits1References6Affected Software1
securityvulns
securityvulns
added 2015/08/24 12:0 a.m.106 views

[SECURITY] [DSA 3330-1] activemq security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3330-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 07, 2015 https://www.debian.org/security/faq -...

7.5CVSS2.3AI score0.12794EPSS
Exploits1
OpenVAS
OpenVAS
added 2015/08/07 12:0 a.m.29 views

Debian Security Advisory DSA 3330-1 (activemq - security update)

It was discovered that the Apache ActiveMQ message broker is susceptible to denial of service through an undocumented, remote shutdown command. OpenVAS Vulnerability Test $Id: deb3330.nasl 7798 2017-11-17 05:43:16Z teissa $ Auto-generated from advisory DSA 3330-1 using nvtgen 1.0 Script version:...

7.5CVSS0.8AI score0.12794EPSS
Exploits1References1
OSV
OSV
added 2015/08/07 12:0 a.m.34 views

DSA-3330-1 activemq - security update

Bulletin has no description...

7.5CVSS7AI score0.12794EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2015/02/05 9:30 p.m.35 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.1.0 security and bug fix update

Red Hat JBoss Fuse and A-MQ 6.1.0 Patch 3 on Rollup Patch 1 R1P3, which fixes two security issues and one bug, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base score...

9.8CVSS6.8AI score0.09851EPSS
Exploits1References4
Rows per page
Query Builder