Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:24 p.m.8 views

CVE-2020-11969

If Apache TomEE is configured to use the embedded ActiveMQ broker, and the broker URI includes the useJMX=true parameter, a JMX port is opened on TCP port 1099, which does not include authentication. This affects Apache TomEE 8.0.0-M1 - 8.0.1, Apache TomEE 7.1.0 - 7.1.2, Apache TomEE 7.0.0-M1 -...

9.8CVSS9.3AI score0.04115EPSS
Exploits0References1
Veracode
Veracode
added 2020/12/18 6:47 a.m.23 views

Missing Authentication Due To Incorrect Configuration

Apache Tomee openejb-core has missing authentication. The vulnerability exists due to an incomplete fix of CVE-2020-11969 where when embedded ActiveMQ broker with URI setting useJMX=true is used, it causes JMX port to open on TCP port 1099, which does not include authentication...

9.8CVSS2.4AI score0.04115EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2020/12/18 12:15 a.m.30 views

Input validation

If Apache TomEE 8.0.0-M1 - 8.0.3, 7.1.0 - 7.1.3, 7.0.0-M1 - 7.0.8, 1.0.0 - 1.7.5 is configured to use the embedded ActiveMQ broker, and the broker config is misconfigured, a JMX port is opened on TCP port 1099, which does not include authentication. CVE-2020-11969 previously addressed the creatio...

6.8CVSS9.4AI score0.04115EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/06/15 8:15 p.m.15 views

CVE-2020-11969

If Apache TomEE is configured to use the embedded ActiveMQ broker, and the broker URI includes the useJMX=true parameter, a JMX port is opened on TCP port 1099, which does not include authentication. This affects Apache TomEE 8.0.0-M1 - 8.0.1, Apache TomEE 7.1.0 - 7.1.2, Apache TomEE 7.0.0-M1 -...

9.8CVSS6.6AI score
Exploits0References6
CVE
CVE
added 2020/06/15 7:3 p.m.91 views

CVE-2020-11969

CVE-2020-11969 concerns Apache TomEE when configured with the embedded ActiveMQ broker and broker URI includes useJMX=true, which opens a JMX port on TCP 1099 without authentication. Affected versions: TomEE 8.0.0-M1 through 8.0.1; 7.1.0 through 7.1.2; 7.0.0-M1 through 7.0.7; 1.0.0 through 1.7.5....

9.8CVSS9.2AI score0.04115EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder