CVE-2015-7559
published 2019-08-01CVE-2015-7559: It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a…
low2.7CVSS 3.1
AVNACLPRHUINSUCNINAL
It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | activemq | < 5.14.5 | 5.14.5 |
| apache | activemq | — | — |
| apache | activemq | >= 0 < 5.14.3-3 | 5.14.3-3 |
| apache | activemq | >= 0 < 5.14.3-3 | 5.14.3-3 |
| apache | activemq | >= 0 < 5.14.3-3 | 5.14.3-3 |
| apache | activemq | >= 0 < 5.13.2+dfsg-2ubuntu0.1~esm1 | 5.13.2+dfsg-2ubuntu0.1~esm1 |
| apache | activemq | >= 0 < 5.15.8-2~18.04.1~esm1 | 5.15.8-2~18.04.1~esm1 |
| apache | activemq | >= 0 < 5.15.11-1ubuntu0.1~esm1 | 5.15.11-1ubuntu0.1~esm1 |
| apache | activemq | >= 0 < 5.16.1-1ubuntu0.1~esm1 | 5.16.1-1ubuntu0.1~esm1 |
| apache | activemq | >= 5.15.0 < 5.15.5 | 5.15.5 |
| debian | activemq | < activemq 5.14.3-3 (bookworm) | activemq 5.14.3-3 (bookworm) |
| redhat | jboss_a-mq | — | — |
| redhat | jboss_a-mq | — | — |
| redhat | jboss_fuse | — | — |
CVSS provenance
nvdv3.12.7LOWCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
osv2.7LOW