Lucene search
+L

4 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2020/10/15 6:25 p.m.48 views

Security Bulletin: Vulnerabilities in Apache ActiveMQ affect IBM Operations Analytics Predictive Insights (CVE-2020-11998, CVE-2020-13920)

Summary Apache ActiveMQ is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-13920 DESCRIPTION: Apache ActiveMQ is vulnerable to a man-in-the-middle attack, caused by improper...

9.8CVSS2.1AI score0.51225EPSS
Exploits0Affected Software1
OSV
OSV
added 2020/09/10 7:15 p.m.25 views

CVE-2020-11998

A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack:...

9.8CVSS7.5AI score0.51225EPSS
Exploits0References7
Cvelist
Cvelist
added 2020/09/10 6:10 p.m.57 views

CVE-2020-11998

A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack:...

9.8AI score0.51225EPSS
Exploits0References7
CVE
CVE
added 2020/09/10 6:10 p.m.126 views

CVE-2020-11998

CVE-2020-11998 affects Apache ActiveMQ. A regression in the commit for JMX re-bind allows a remote attacker to cause code execution by crafting an MLet MBean, due to passing an empty environment map to RMIConnectorServer. Mitigation is to upgrade to Apache ActiveMQ 5.15.13. Exploitation status is...

9.8CVSS9.6AI score0.51225EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder