Jboss A-mq Security Vulnerabilities and Issues — Jboss A-mq CVE List

Lucene search

RedhatJboss A-mq

5 matches found

CVE•added 2023/09/27 9:15 p.m.•128 views

CVE-2023-4066

A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker.

5.5CVSS5.7AI score0.00037EPSS

CVE•added 2023/09/27 3:19 p.m.•112 views

CVE-2023-4065

A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in the Operator Log. This flaw allows an authenticated local attacker to access information outside of their permissions.

5.5CVSS5.5AI score0.00031EPSS

CVE•added 2017/09/25 9:29 p.m.•52 views

CVE-2015-5181

The JBoss console in A-MQ allows remote attackers to execute arbitrary JavaScript.

5.4CVSS7.8AI score0.00173EPSS

CVE•added 2018/08/01 2:29 p.m.•50 views

CVE-2016-8653

It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the credentials passed to it. An attacker could use this flaw to launch a denial of service attack.

5.3CVSS5.2AI score0.00345EPSS

CVE•added 2022/08/16 9:15 p.m.•46 views

CVE-2020-14379

A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure.

5.6CVSS5.2AI score0.00033EPSS