4 matches found
Security Bulletin: Vulnerabilities in Apache ActiveMQ affect IBM Operations Analytics Predictive Insights (CVE-2020-11998, CVE-2020-13920)
Summary Apache ActiveMQ is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-13920 DESCRIPTION: Apache ActiveMQ is vulnerable to a man-in-the-middle attack, caused by improper...
CVE-2020-11998
A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack:...
CVE-2020-11998
A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack:...
CVE-2020-11998
CVE-2020-11998 affects Apache ActiveMQ. A regression in the commit for JMX re-bind allows a remote attacker to cause code execution by crafting an MLet MBean, due to passing an empty environment map to RMIConnectorServer. Mitigation is to upgrade to Apache ActiveMQ 5.15.13. Exploitation status is...