CVE-2017-15709

Published: Feb 13, 2018

Modified: Sep 16, 2024

PUBLISHED

Description

When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain system details (such as the OS and kernel version) are exposed as plain text.

Vendor	Product	Versions
Apache Software Foundation	Apache ActiveMQ	affected `Apache ActiveMQ 5.14.0 to 5.15.2`

References

https://lists.apache.org/thread.html/2b6f04a552c6ec2de6563c2df3bba813f0fe9c7e22cce27b7829db89%40%3Cdev.activemq.apache.org%3E

x_refsource_MISC

[activemq-commits] 20190327 [CONF] Apache ActiveMQ > Security Advisories

mailing-list

x_refsource_MLIST

[activemq-dev] 20190327 Re: Website

mailing-list

x_refsource_MLIST

[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/

mailing-list

x_refsource_MLIST

[activemq-dev] 20190328 Re: Website

mailing-list

x_refsource_MLIST

[activemq-gitbox] 20191021 [GitHub] [activemq-website] clebertsuconic commented on a change in pull request #17: Fix the ordering in the security advisories page

mailing-list

x_refsource_MLIST

[activemq-gitbox] 20191022 [GitHub] [activemq-website] coheigea commented on a change in pull request #17: Fix the ordering in the security advisories page

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20210305 [SECURITY] [DLA 2583-1] activemq security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-15709

Description

Affected Products

References