13 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-0222
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive. CVE-2019-0222 -...
Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management
Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF15 patch Vulnerability Details CVEID:CVE-2020-13920 DESCRIPTION: Apache ActiveMQ is vulnerable to a man-in-the-middle attack, caused by improper authentication validation when connecting to the JMX...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : mqtt-client vulnerability (USN-6685-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6685-1 advisory. It was discovered that mqtt-client incorrectly handled memory while parsing malformed MQTT frames. An attacker could possibly use this iss...
[SECURITY] [DLA 2583-1] activemq security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2583-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA March 05, 2021 https://wiki.debian.org/LTS -...
Oracle Identity Manager Connector Multiple Vulnerabilities (April 2020 CPU)
The remote host is missing the April 2020 Critical Patch Update for Oracle Identity Manager Connector. It is, therefore, affected by multiple vulnerabilities: - Vulnerability in the Identity Manager Connector product of Oracle Fusion Middleware component: General Apache ActiveMQ. The supported...
Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.4.3 release and security update
Red Hat AMQ Broker 7.4.3 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.6 release and security update
Red Hat AMQ Broker 7.6 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Oracle Enterprise Manager Cloud Control (Jul 2019 CPU)
The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component: - An unspecified vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Products Suite...
Security Bulletin: Vulnerability in Apache ActiveMQ Affects IBM Control Center (CVE-2019-0222)
Summary IBM Control center is affected by a Corrupt MQTT frame that can cause broker shutdown in Apache ActiveMQ. Vulnerability Details CVEID: CVE-2019-0222 DESCRIPTION: IBM Control center is affected by a Corrupt MQTT frame that can cause broker shutdown in Apache ActiveMQ. CVSS Base Score: 7.5...
Apache ActiveMQ 5.x < 5.15.9 Corrupt MQTT Frame Denial of Service (DoS) (CVE-2019-0222)
The version of Apache ActiveMQ running on the remote host is 5.x prior to 5.15.9. It is, therefore, affected by a denial of service DoS vulnerability due to improper validation of MQTT frames. An unauthenticated, remote attacker can exploit this issue to cause the broker to stop responding...
at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1019 more potentially affected by CVE-2019-0222 via org.apache.activemq:activemq-client (>=5.10.0 <=5.15.8)
org.apache.activemq:activemq-client MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2019-0222 Source advisory: OSV:GHSA-JPV3-G4CC-6VFX...
DEBIAN-CVE-2019-0222
In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive...
CVE-2019-0222
CVE-2019-0222 affects Apache ActiveMQ 5.0.0–5.15.8. Description: unmarshalling of a corrupt MQTT frame can cause a broker Out of Memory, rendering the broker unresponsive. Enterprise/Nessus entries in the connected docs classify this as an unpatched/vulnerable issue with no vendor patch available...