Jboss A-mq Security Vulnerabilities and Issues — Jboss A-mq CVE List

Lucene search

RedhatJboss A-mq

4 matches found

CVE•added 2021/05/20 1:15 p.m.•202 views

CVE-2021-3536

A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. This affects Confidentiality and Integrity.

4.8CVSS5AI score0.00284EPSS

CVE•added 2019/08/01 2:15 p.m.•113 views

CVE-2015-7559

It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.

4CVSS3.8AI score0.00178EPSS

CVE•added 2021/06/01 8:15 p.m.•97 views

CVE-2021-3425

A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when provided in the AMQ Broker application logfile when using the jdbc persistence functionality. Versions shipped in Red Hat AMQ 7 are vulnerable.

4.4CVSS4.7AI score0.00055EPSS

CVE•added 2013/09/30 9:55 p.m.•49 views

CVE-2013-4372

Multiple cross-site scripting (XSS) vulnerabilities in Fuse Management Console in Red Hat JBoss Fuse 6.0.0 before patch 3 and JBoss A-MQ 6.0.0 before patch 3 allow remote attackers to inject arbitrary web script or HTML via the (1) user field in the create user page or (2) profile version to the cr...

4.3CVSS5.9AI score0.00421EPSS