CRITICAL🇵🇱 Wersja polska

CVE-2020-11998

CVSS 9.8v3.1pub. 2020-09-10upd. 2024-11-21

A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack: https://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html "A remote client could create a javax.management.loading.MLet MBean and use it to create new MBeans from arbitrary URLs, at least if there is no security manager. In other words, a rogue remote client could make your Java application execute arbitrary code." Mitigation: Upgrade to Apache ActiveMQ 5.15.13

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Apache Activemq

    APP
    Apache
    5.15.12
  • Oracle Communications Diameter Signaling Router

    APP
    Oracle
    8.0.0 – 8.5.0
  • Oracle Communications Element Manager

    APP
    Oracle
    8.2.0 – 8.2.4.0
  • Oracle Communications Session Report Manager

    APP
    Oracle
    8.0.0 – 8.2.2
  • Oracle Communications Session Route Manager

    APP
    Oracle
    8.0.0 – 8.2.2
  • Oracle Enterprise Repository

    APP
    Oracle
    11.1.1.7.0
  • Oracle Flexcube Private Banking

    APP
    Oracle
    12.0.012.1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2023-46604CRITICAL10.0⚠ KEVten sam produkt

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a ...

CVE-2020-1938CRITICAL9.8⚠ KEVten sam produkt

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache To...

CVE-2020-2555CRITICAL9.8⚠ KEVten sam produkt

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invoc...

CVE-2017-9841CRITICAL9.8⚠ KEVten sam produkt

Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbit...

CVE-2016-3088CRITICAL9.8⚠ KEVten sam produkt

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and exec...