Lucene search
K

10 matches found

VulnCheck KEV
VulnCheck KEV
added 2026/04/22 12:0 a.m.67 views

VulnCheck KEV: CVE-2024-32114

In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context where the Jolokia JMX REST API and the Message REST API are located. It means that anyone can use these layers without any required authentication. Potentially, anyone can interact with the broker using Jolokia J...

8.8CVSS5.7AI score0.0692EPSS
In wildExploits1References16
OSV
OSV
added 2024/05/04 7:16 a.m.34 views

BIT-ACTIVEMQ-2024-32114

In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context where the Jolokia JMX REST API and the Message REST API are located.It means that anyone can use these layers without any required authentication. Potentially, anyone can interact with the broker using Jolokia JM...

8.8CVSS8.1AI score0.0692EPSS
Exploits1References1
Veracode
Veracode
added 2024/05/03 6:44 a.m.26 views

Improper Access Control

Apache ActiveMQ is vulnerable to Improper Access Control. The vulnerability is due to a default configuration which does not secure the API web context, allowing unrestricted use of the Jolokia JMX REST API and the Message REST API. This vulnerability potentially enables anyone to interact with t...

8.8CVSS7AI score0.0692EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2024/05/02 9:30 a.m.35 views

GHSA-GJ5M-M88J-V7C3 Apache ActiveMQ's default configuration doesn't secure the API web context

In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context where the Jolokia JMX REST API and the Message REST API are located. It means that anyone can use these layers without any required authentication. Potentially, anyone can interact with the broker using Jolokia J...

8.8CVSS8.1AI score0.0692EPSS
Exploits1References6
NVD
NVD
added 2024/05/02 9:15 a.m.16 views

CVE-2024-32114

In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context where the Jolokia JMX REST API and the Message REST API are located. It means that anyone can use these layers without any required authentication. Potentially, anyone can interact with the broker using Jolokia J...

8.8CVSS8.7AI score0.0692EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/05/02 8:29 a.m.26 views

CVE-2024-32114 Apache ActiveMQ: Jolokia and REST API were not secured with default configuration

In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context where the Jolokia JMX REST API and the Message REST API are located. It means that anyone can use these layers without any required authentication. Potentially, anyone can interact with the broker using Jolokia J...

8.5CVSS8.8AI score0.0692EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2024/05/02 8:29 a.m.23 views

CVE-2024-32114

In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context where the Jolokia JMX REST API and the Message REST API are located. It means that anyone can use these layers without any required authentication. Potentially, anyone can interact with the broker using Jolokia J...

8.8CVSS8AI score0.0692EPSS
Exploits1
NVD
NVD
added 2023/04/28 9:15 p.m.15 views

CVE-2023-31444

In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow unauthenticated access to the Jolokia endpoint of the microservice. This allows for remote access to the JVM via the Jolokia JMX-HTTP bridge...

7.5CVSS7.7AI score0.00536EPSS
Exploits0References2
CVE
CVE
added 2023/04/28 12:0 a.m.42 views

CVE-2023-31444

CVE-2023-31444 – Talend Studio Jolokia exposure : Affects Talend Studio versions before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09. The issue is an unauthenticated access vulnerability to the Jolokia endpoint of Talend microservices, enabling remote JVM access via the Jolokia JMX-HTTP bridge. T...

7.5CVSS7.6AI score0.00536EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/04/28 12:0 a.m.14 views

CVE-2023-31444

In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow unauthenticated access to the Jolokia endpoint of the microservice. This allows for remote access to the JVM via the Jolokia JMX-HTTP bridge...

7.8AI score0.00536EPSS
Exploits0References2
Rows per page
Query Builder