CVE-2022-35278 – HTML Injection in ActiveMQ Artemis Web Console
https://notcve.org/view.php?id=CVE-2022-35278
In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue. En Apache ActiveMQ Artemis versiones anteriores a 2.24.0, un atacante podía mostrar contenido malicioso y/o redirigir a usuarios a una URL maliciosa en la consola web usando HTML en el nombre de una dirección o cola. A security vulnerability was found in ActiveMQ Artemis. This flaw allows an attacker to show malicious content and redirect users to a malicious URL in the web console by using HTML in the name of an address or queue. • https://lists.apache.org/thread/bh6y81wtotg75337bpvxcjy436zfgf3n https://security.netapp.com/advisory/ntap-20221209-0005 https://access.redhat.com/security/cve/CVE-2022-35278 https://bugzilla.redhat.com/show_bug.cgi?id=2109805 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVE-2021-4040 – Broker: Malformed message can result in partial DoS (OOM)
https://notcve.org/view.php?id=CVE-2021-4040
A flaw was found in AMQ Broker. This issue can cause a partial interruption to the availability of AMQ Broker via an Out of memory (OOM) condition. This flaw allows an attacker to partially disrupt availability to the broker through a sustained attack of maliciously crafted messages. The highest threat from this vulnerability is system availability. Se ha encontrado un fallo en AMQ Broker. • https://access.redhat.com/security/cve/CVE-2021-4040 https://bugzilla.redhat.com/show_bug.cgi?id=2028254 https://github.com/apache/activemq-artemis/pull/3871/commits https://issues.apache.org/jira/browse/ARTEMIS-3593 • CWE-400: Uncontrolled Resource Consumption CWE-787: Out-of-bounds Write •
CVE-2022-23913 – Apache ActiveMQ Artemis DoS
https://notcve.org/view.php?id=CVE-2022-23913
In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory. En Apache ActiveMQ Artemis versiones anteriores a 2.20.0 o 2.19.1, un atacante podría interrumpir parcialmente la disponibilidad (DoS) mediante el consumo no controlado de recursos de la memoria • https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2 https://security.netapp.com/advisory/ntap-20220303-0003 https://access.redhat.com/security/cve/CVE-2022-23913 https://bugzilla.redhat.com/show_bug.cgi?id=2063601 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2021-26117 – ActiveMQ: LDAP-Authentication does not verify passwords on servers with anonymous bind
https://notcve.org/view.php?id=CVE-2021-26117
The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users password in error, resulting in no check on the password. El módulo de inicio de sesión LDAP de ActiveMQ opcional puede ser configurado para usar el acceso anónimo al servidor LDAP. En este caso, para Apache ActiveMQ Artemis anterior a versión 2.16.0 y Apache ActiveMQ anterior a versiones 5.16.1 y 5.15.14, el contexto anónimo es usado para verificar una contraseña de usuario válida por error, resultando en una comprobación de la contraseña A flaw was found in activemq. When anonymous binds are enabled on the LDAP provider (zero length DN/password) and the LDAP module is configured to make use of these, client credentials are not correctly verified and authentication is effectively bypassed. • https://lists.apache.org/thread.html/r110cacfa754471361234965ffe851a046e302ff2693b055f49f47b02%40%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/r22cdc0fb45e223ac92bc2ceff7af92f1193dfc614c8b248534456229%40%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/r3341d96d8f956e878fb7b463b08d57ca1d58fec9c970aee929b58e0d%40%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/r519bfafd67091d0b91243efcb1c49b1eea27321355ba5594f679277d%40%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/r5899ece90bcae5805ad6142fdb05c58595cff19cb2e98cc58a • CWE-287: Improper Authentication •
CVE-2020-13932 – activemq: remote XSS in web console diagram plugin
https://notcve.org/view.php?id=CVE-2020-13932
In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability. The XSS payload is being injected into the admin console's browser. The XSS payload is triggered in the diagram plugin; queue node and the info section. En Apache ActiveMQ Artemis versiones 2.5.0 hasta 2.13.0, un paquete MQTT especialmente diseñado que presenta una carga útil XSS como id del cliente o nombre de tema puede explotar esta vulnerabilidad. La carga útil de XSS está siendo inyectada en el navegador de la consola de administración. • https://activemq.apache.org/security-advisories.data/CVE-2020-13932-announcement.txt https://lists.apache.org/thread.html/r7fcedcc89e5f296b174d6b8c1438c607c30d809c04292e5732d6e4eb%40%3Cusers.activemq.apache.org%3E https://lists.apache.org/thread.html/rb2fd3bf2dce042e0ab3f3c94c4767c96bb2e7e6737624d63162df36d%40%3Ccommits.activemq.apache.org%3E https://lists.apache.org/thread.html/rc96ad63f148f784c84ea7f0a178c84a8985c6afccabbcd9847a82088%40%3Ccommits.activemq.apache.org%3E https://access.redhat.com/security/cve/CVE-2020-13932 https://bugzilla.redhat.com/show_bug • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •