Lucene search

K
ubuntucveUbuntu.comUB:CVE-2014-8110
HistoryFeb 12, 2015 - 12:00 a.m.

CVE-2014-8110

2015-02-1200:00:00
ubuntu.com
ubuntu.com
17

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.007

Percentile

80.3%

Multiple cross-site scripting (XSS) vulnerabilities in the web based
administration console in Apache ActiveMQ 5.x before 5.10.1 allow remote
attackers to inject arbitrary web script or HTML via unspecified vectors.

Notes

Author Note
seth-arnold Debian notes the admin console doesn’t work in Debian packages: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702670

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.007

Percentile

80.3%