3 matches found
BIT-ACTIVEMQ-2020-11998
A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack:...
GHSA-WQFH-9M4G-7X6X Remote code execution in Apache ActiveMQ
A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack - A remote client could create a...
Remote Code Execution
activemq-broker is vulnerable to remote code execution. A regression that prevents JMX re-bind allows an attacker to execute arbitrary code by passing an empty environment map to MIConnectorServer instead of the map that contains the authentication credentials...