Vulnerabilities related to Apache Software Foundation - Apache ActiveMQ Artemis
cve-2025-27427
Vulnerability from cvelistv5
Published
2025-04-01 07:26
Modified
2025-04-02 22:03
Summary
A vulnerability exists in Apache ActiveMQ Artemis whereby a user with the createDurableQueue or createNonDurableQueue permission on an address can augment the routing-type supported by that address even if said user doesn't have the createAddress permission for that particular address. When combined with the send permission and automatic queue creation a user could successfully send a message with a routing-type not supported by the address when that message should actually be rejected on the basis that the user doesn't have permission to change the routing-type of the address. This issue affects Apache ActiveMQ Artemis from 2.0.0 through 2.39.0. Users are recommended to upgrade to version 2.40.0 which fixes the issue.
Impacted products


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-27427",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-04-01T14:09:53.220985Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-04-01T14:12:13.429Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2025-04-02T22:03:20.210Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "http://www.openwall.com/lists/oss-security/2025/03/31/1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://repo.maven.apache.org/maven2",
               defaultStatus: "unaffected",
               packageName: "org.apache.activemq:artemis-server",
               product: "Apache ActiveMQ Artemis",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     lessThanOrEqual: "2.39.0",
                     status: "affected",
                     version: "2.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "reporter",
               value: "Eojin Lee <djwls7179@gmail.com>",
            },
            {
               lang: "en",
               type: "finder",
               value: "Dain Lee <ledain5094@gmail.com>",
            },
            {
               lang: "en",
               type: "finder",
               value: "WooJin Park <1203kids@gmail.com>",
            },
            {
               lang: "en",
               type: "finder",
               value: "MinJung Lee <whitney2319@gmail.com>",
            },
            {
               lang: "en",
               type: "finder",
               value: "SeChang Oh <osc010524@gmail.com>",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "<p>A vulnerability exists in Apache ActiveMQ Artemis whereby a user with the createDurableQueue or createNonDurableQueue permission on an address can augment the routing-type supported by that address even if said user doesn't have the createAddress permission for that particular address. When combined with the send permission and automatic queue creation a user could successfully send a message with a routing-type not supported by the address when that message should actually be rejected on the basis that the user doesn't have permission to change the routing-type of the address.</p><p>This issue affects Apache ActiveMQ Artemis from 2.0.0 through 2.39.0.</p><p>Users are recommended to upgrade to version 2.40.0 which fixes the issue.</p>",
                  },
               ],
               value: "A vulnerability exists in Apache ActiveMQ Artemis whereby a user with the createDurableQueue or createNonDurableQueue permission on an address can augment the routing-type supported by that address even if said user doesn't have the createAddress permission for that particular address. When combined with the send permission and automatic queue creation a user could successfully send a message with a routing-type not supported by the address when that message should actually be rejected on the basis that the user doesn't have permission to change the routing-type of the address.\n\nThis issue affects Apache ActiveMQ Artemis from 2.0.0 through 2.39.0.\n\nUsers are recommended to upgrade to version 2.40.0 which fixes the issue.",
            },
         ],
         metrics: [
            {
               cvssV4_0: {
                  Automatable: "NOT_DEFINED",
                  Recovery: "NOT_DEFINED",
                  Safety: "NOT_DEFINED",
                  attackComplexity: "LOW",
                  attackRequirements: "PRESENT",
                  attackVector: "NETWORK",
                  baseScore: 2.3,
                  baseSeverity: "LOW",
                  privilegesRequired: "LOW",
                  providerUrgency: "NOT_DEFINED",
                  subAvailabilityImpact: "NONE",
                  subConfidentialityImpact: "NONE",
                  subIntegrityImpact: "NONE",
                  userInteraction: "NONE",
                  valueDensity: "NOT_DEFINED",
                  vectorString: "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                  version: "4.0",
                  vulnAvailabilityImpact: "NONE",
                  vulnConfidentialityImpact: "NONE",
                  vulnIntegrityImpact: "LOW",
                  vulnerabilityResponseEffort: "NOT_DEFINED",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-863",
                     description: "CWE-863 Incorrect Authorization",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-04-01T07:26:59.994Z",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.apache.org/thread/8dzlm2vkqphyrnkrby8r8kzndsm5o6x8",
            },
         ],
         source: {
            defect: [
               "ARTEMIS-5346",
            ],
            discovery: "EXTERNAL",
         },
         title: "Apache ActiveMQ Artemis: Address routing-type can be updated by user without the createAddress permission",
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2025-27427",
      datePublished: "2025-04-01T07:26:59.994Z",
      dateReserved: "2025-02-24T21:09:33.306Z",
      dateUpdated: "2025-04-02T22:03:20.210Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-50780
Vulnerability from cvelistv5
Published
2024-10-14 16:03
Modified
2025-03-19 20:11
Summary
Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could eventually allow an authenticated attacker to write arbitrary files to the filesystem and indirectly achieve RCE. Users are recommended to upgrade to version 2.29.0 or later, which fixes the issue.
Impacted products


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-10-14T20:02:56.694Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "http://www.openwall.com/lists/oss-security/2024/10/14/2",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "HIGH",
                     baseScore: 8.8,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "LOW",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2023-50780",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-15T15:43:05.048649Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-19T20:11:35.774Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Apache ActiveMQ Artemis",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     lessThan: "2.29.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Matei \"Mal\" Badanoiu",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "<p>Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could eventually allow an authenticated attacker to write arbitrary files to the filesystem and indirectly achieve RCE.<br></p><p>Users are recommended to upgrade to version 2.29.0 or later, which fixes the issue.</p>",
                  },
               ],
               value: "Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could eventually allow an authenticated attacker to write arbitrary files to the filesystem and indirectly achieve RCE.\n\n\nUsers are recommended to upgrade to version 2.29.0 or later, which fixes the issue.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     text: "moderate",
                  },
                  type: "Textual description of severity",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-285",
                     description: "CWE-285 Improper Authorization",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-14T16:03:38.321Z",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.apache.org/thread/63b78shqz312phsx7v1ryr7jv7bprg58",
            },
         ],
         source: {
            defect: [
               "ARTEMIS-4150",
            ],
            discovery: "UNKNOWN",
         },
         title: "Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2023-50780",
      datePublished: "2024-10-14T16:03:38.321Z",
      dateReserved: "2023-12-13T13:13:06.747Z",
      dateUpdated: "2025-03-19T20:11:35.774Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-23913
Vulnerability from cvelistv5
Published
2022-02-04 22:33
Modified
2024-08-03 03:59
Summary
In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.
Impacted products


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T03:59:22.547Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20220303-0003/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Apache ActiveMQ Artemis",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     changes: [
                        {
                           at: "2.19.1",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "2.20.0",
                     status: "affected",
                     version: "2.19.0",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-770",
                     description: "CWE-770 Allocation of Resources Without Limits or Throttling",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-07-07T15:24:43.281Z",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20220303-0003/",
            },
         ],
         source: {
            advisory: "ARTEMIS-3593",
            discovery: "UNKNOWN",
         },
         title: "Apache ActiveMQ Artemis DoS",
         workarounds: [
            {
               lang: "en",
               value: "Upgrade to Apache ActiveMQ Artemis 2.20.0 or 2.19.1 (if you're still using Java 8).",
            },
         ],
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@apache.org",
               ID: "CVE-2022-23913",
               STATE: "PUBLIC",
               TITLE: "Apache ActiveMQ Artemis DoS",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Apache ActiveMQ Artemis",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "2.19.0",
                                          version_value: "2.20.0",
                                       },
                                       {
                                          version_affected: "<",
                                          version_name: "2.19.0",
                                          version_value: "2.19.1",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Apache Software Foundation",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            impact: [
               {},
            ],
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-770 Allocation of Resources Without Limits or Throttling",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2",
                     refsource: "MISC",
                     url: "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20220303-0003/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20220303-0003/",
                  },
               ],
            },
            source: {
               advisory: "ARTEMIS-3593",
               discovery: "UNKNOWN",
            },
            work_around: [
               {
                  lang: "en",
                  value: "Upgrade to Apache ActiveMQ Artemis 2.20.0 or 2.19.1 (if you're still using Java 8).",
               },
            ],
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2022-23913",
      datePublished: "2022-02-04T22:33:01",
      dateReserved: "2022-01-24T00:00:00",
      dateUpdated: "2024-08-03T03:59:22.547Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-35278
Vulnerability from cvelistv5
Published
2022-08-23 00:00
Modified
2024-08-03 09:36
Summary
In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue.
Impacted products


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T09:36:44.249Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread/bh6y81wtotg75337bpvxcjy436zfgf3n",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20221209-0005/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Apache ActiveMQ Artemis",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     lessThanOrEqual: "2.23.1",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Apache ActiveMQ would like to thank Yash Pandya (Digital14), Rajatkumar Karmarkar (Digital14), and Likhith Cheekatipalle (Digital14) for reporting this issue.",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-80",
                     description: "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-12-09T00:00:00",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               url: "https://lists.apache.org/thread/bh6y81wtotg75337bpvxcjy436zfgf3n",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20221209-0005/",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "HTML Injection in ActiveMQ Artemis Web Console",
         workarounds: [
            {
               lang: "en",
               value: "Upgrade to Apache ActiveMQ Artemis 2.24.0.",
            },
         ],
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2022-35278",
      datePublished: "2022-08-23T00:00:00",
      dateReserved: "2022-07-06T00:00:00",
      dateUpdated: "2024-08-03T09:36:44.249Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-26118
Vulnerability from cvelistv5
Published
2021-01-27 18:55
Modified
2025-02-13 16:27
Summary
While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error.
Impacted products


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T20:19:20.389Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://mail-archives.apache.org/mod_mbox/activemq-users/202101.mbox/%3CCAH%2BvQmMUNnkiXv2-d3ucdErWOsdnLi6CgnK%2BVfixyJvTgTuYig%40mail.gmail.com%3E",
               },
               {
                  name: "[announce] 20210127 CVE-2021-26118: Flaw in ActiveMQ Artemis OpenWire support",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/rafd5d7cf303772a0118865262946586921a65ebd98fc24f56c812574%40%3Cannounce.apache.org%3E",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20210827-0002/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Apache ActiveMQ Artemis",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     lessThan: "2.16.0",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Apache ActiveMQ  would like to thank Francesco Marchioni (Red Hat) for reporting this issue.",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-284",
                     description: "CWE-284 Improper Access Control",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-08-03T20:20:55.000Z",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://mail-archives.apache.org/mod_mbox/activemq-users/202101.mbox/%3CCAH%2BvQmMUNnkiXv2-d3ucdErWOsdnLi6CgnK%2BVfixyJvTgTuYig%40mail.gmail.com%3E",
            },
            {
               name: "[announce] 20210127 CVE-2021-26118: Flaw in ActiveMQ Artemis OpenWire support",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/rafd5d7cf303772a0118865262946586921a65ebd98fc24f56c812574%40%3Cannounce.apache.org%3E",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20210827-0002/",
            },
         ],
         source: {
            defect: [
               "https://issues.apache.org/jira/browse/ARTEMIS-2964",
            ],
            discovery: "UNKNOWN",
         },
         title: "Flaw in ActiveMQ Artemis OpenWire support",
         workarounds: [
            {
               lang: "en",
               value: "Upgrade to Apache ActiveMQ Artemis 2.16.0",
            },
         ],
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@apache.org",
               ID: "CVE-2021-26118",
               STATE: "PUBLIC",
               TITLE: "Flaw in ActiveMQ Artemis OpenWire support",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Apache ActiveMQ Artemis",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_value: "2.16.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Apache Software Foundation",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "Apache ActiveMQ would like to thank Francesco Marchioni (Red Hat) for reporting this issue.",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error.",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-284 Improper Access Control",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://mail-archives.apache.org/mod_mbox/activemq-users/202101.mbox/%3CCAH%2BvQmMUNnkiXv2-d3ucdErWOsdnLi6CgnK%2BVfixyJvTgTuYig%40mail.gmail.com%3E",
                     refsource: "MISC",
                     url: "https://mail-archives.apache.org/mod_mbox/activemq-users/202101.mbox/%3CCAH%2BvQmMUNnkiXv2-d3ucdErWOsdnLi6CgnK%2BVfixyJvTgTuYig%40mail.gmail.com%3E",
                  },
                  {
                     name: "[announce] 20210127 CVE-2021-26118: Flaw in ActiveMQ Artemis OpenWire support",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/rafd5d7cf303772a0118865262946586921a65ebd98fc24f56c812574@%3Cannounce.apache.org%3E",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20210827-0002/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20210827-0002/",
                  },
               ],
            },
            source: {
               defect: [
                  "https://issues.apache.org/jira/browse/ARTEMIS-2964",
               ],
               discovery: "UNKNOWN",
            },
            work_around: [
               {
                  lang: "en",
                  value: "Upgrade to Apache ActiveMQ Artemis 2.16.0",
               },
            ],
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2021-26118",
      datePublished: "2021-01-27T18:55:13.000Z",
      dateReserved: "2021-01-25T00:00:00.000Z",
      dateUpdated: "2025-02-13T16:27:51.360Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-27391
Vulnerability from cvelistv5
Published
2025-04-09 14:42
Modified
2025-04-09 17:02
Summary
Insertion of Sensitive Information into Log File vulnerability in Apache ActiveMQ Artemis. All the values of the broker properties are logged when the org.apache.activemq.artemis.core.config.impl.ConfigurationImpl logger has the debug level enabled. This issue affects Apache ActiveMQ Artemis: from 1.5.1 before 2.40.0. It can be mitigated by restricting log access to only trusted users. Users are recommended to upgrade to version 2.40.0, which fixes the issue.
Impacted products


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-27391",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-04-09T15:34:21.695198Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-04-09T16:06:06.972Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2025-04-09T17:02:46.727Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "http://www.openwall.com/lists/oss-security/2025/04/09/3",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://repo.maven.apache.org/maven2",
               defaultStatus: "unaffected",
               packageName: "org.apache.activemq:artemis-server",
               product: "Apache ActiveMQ Artemis",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     lessThan: "2.40.0",
                     status: "affected",
                     version: "1.5.1",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Rafael Yanez Illescas <ryanezil@redhat.com>",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "<p>Insertion of Sensitive Information into Log File vulnerability in Apache ActiveMQ Artemis. All the values of the broker properties are&nbsp;logged when the org.apache.activemq.artemis.core.config.impl.ConfigurationImpl <span style=\"background-color: rgb(255, 255, 255);\">logger has the&nbsp;</span>debug level enabled.</p><p>This issue affects Apache ActiveMQ Artemis: from 1.5.1 before 2.40.0. It can be mitigated by restricting log access to only trusted users.</p><p>Users are recommended to upgrade to version 2.40.0, which fixes the issue.</p>",
                  },
               ],
               value: "Insertion of Sensitive Information into Log File vulnerability in Apache ActiveMQ Artemis. All the values of the broker properties are logged when the org.apache.activemq.artemis.core.config.impl.ConfigurationImpl logger has the debug level enabled.\n\nThis issue affects Apache ActiveMQ Artemis: from 1.5.1 before 2.40.0. It can be mitigated by restricting log access to only trusted users.\n\nUsers are recommended to upgrade to version 2.40.0, which fixes the issue.",
            },
         ],
         metrics: [
            {
               cvssV4_0: {
                  Automatable: "NOT_DEFINED",
                  Recovery: "NOT_DEFINED",
                  Safety: "NOT_DEFINED",
                  attackComplexity: "LOW",
                  attackRequirements: "PRESENT",
                  attackVector: "LOCAL",
                  baseScore: 6.8,
                  baseSeverity: "MEDIUM",
                  privilegesRequired: "LOW",
                  providerUrgency: "NOT_DEFINED",
                  subAvailabilityImpact: "NONE",
                  subConfidentialityImpact: "HIGH",
                  subIntegrityImpact: "NONE",
                  userInteraction: "NONE",
                  valueDensity: "NOT_DEFINED",
                  vectorString: "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
                  version: "4.0",
                  vulnAvailabilityImpact: "NONE",
                  vulnConfidentialityImpact: "HIGH",
                  vulnIntegrityImpact: "NONE",
                  vulnerabilityResponseEffort: "NOT_DEFINED",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-532",
                     description: "CWE-532 Insertion of Sensitive Information into Log File",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-04-09T14:42:32.504Z",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.apache.org/thread/25p96cvzl1mkt29lwm2d8knklkoqolps",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Apache ActiveMQ Artemis: Passwords leaking from broker properties in the debug log",
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2025-27391",
      datePublished: "2025-04-09T14:42:32.504Z",
      dateReserved: "2025-02-24T09:38:34.333Z",
      dateUpdated: "2025-04-09T17:02:46.727Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}
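The CVE-2025-27391 record above says the leak only happens when the `org.apache.activemq.artemis.core.config.impl.ConfigurationImpl` logger is effective at debug level, and that the mitigation short of upgrading is to keep untrusted users away from the log. A practitioner auditing a fleet therefore wants two checks: is the broker in the affected range (1.5.1 up to but not including 2.40.0), and does its logging configuration actually put that logger at DEBUG or TRACE, directly or through an ancestor such as `org.apache.activemq.artemis.core.config` or the root logger. The script below is an added example written for this page; it is not code from the Apache ActiveMQ Artemis project. It assumes the broker is configured through a Log4j2 `log4j2.properties` file (both the `rootLogger.level = INFO` and the `rootLogger = INFO, console, log_file` spellings are accepted), resolves the effective level by walking up the dotted logger hierarchy the way Log4j2 does, and runs against two constructed sample configurations: a weak one where the config package was left at DEBUG after troubleshooting, and a hardened one that pins the `ConfigurationImpl` logger back to INFO.

```python
"""
Audit a Log4j2 properties configuration for the condition behind
CVE-2025-27391: the logger
org.apache.activemq.artemis.core.config.impl.ConfigurationImpl
being effective at DEBUG (or TRACE), which makes an affected broker
write every broker property, credentials included, into its log.

Added example for this page, not code from the Apache ActiveMQ Artemis
project. Assumption: the broker is configured through a Log4j2
properties file. The sample configurations below are constructed.
"""
import re

CONFIG_IMPL_LOGGER = "org.apache.activemq.artemis.core.config.impl.ConfigurationImpl"

# Log4j2 level ordering, least verbose first.
LEVEL_RANK = {"OFF": 0, "FATAL": 1, "ERROR": 2, "WARN": 3, "INFO": 4,
              "DEBUG": 5, "TRACE": 6, "ALL": 7}

# Affected range taken from the advisory: from 1.5.1, fixed in 2.40.0.
FIRST_AFFECTED = (1, 5, 1)
FIXED = (2, 40, 0)


def parse_log4j2_properties(text):
    """Return (root_level, {logger_name: level}) from log4j2.properties text.

    Understands both spellings Log4j2 accepts for the root logger,
        rootLogger.level = INFO
        rootLogger = INFO, console, log_file
    and the logger.<id>.name / logger.<id>.level pairs for named loggers.
    A named logger without a level is left to inherit, as in Log4j2.
    """
    root_level = "ERROR"  # Log4j2 default when no root level is configured
    names, levels = {}, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "!")) or "=" not in line:
            continue
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if key == "rootLogger.level":
            root_level = value.upper()
        elif key == "rootLogger":
            # shorthand form: the first comma-separated token is the level
            root_level = value.split(",")[0].strip().upper()
        else:
            m = re.fullmatch(r"logger\.(.+)\.(name|level)", key)
            if m:
                ident, field = m.groups()
                (names if field == "name" else levels)[ident] = value
    configured = {name: levels[ident].upper()
                  for ident, name in names.items() if ident in levels}
    return root_level, configured


def effective_level(text, logger_name=CONFIG_IMPL_LOGGER):
    """Resolve logger_name's effective level by walking up its dotted-name
    hierarchy until a configured ancestor is found, else the root level."""
    root_level, configured = parse_log4j2_properties(text)
    parts = logger_name.split(".")
    while parts:
        candidate = ".".join(parts)
        if candidate in configured:
            return configured[candidate]
        parts.pop()
    return root_level


def leaks_broker_properties(text):
    """True when ConfigurationImpl would emit DEBUG (or more verbose) output,
    i.e. when an affected broker would dump its properties into the log."""
    return LEVEL_RANK.get(effective_level(text), 0) >= LEVEL_RANK["DEBUG"]


def is_affected_version(version):
    """True for 1.5.1 <= version < 2.40.0, the advisory's affected range.
    Qualifiers such as -SNAPSHOT are ignored; only the numeric parts count."""
    nums = tuple(int(p) for p in re.findall(r"\d+", version)[:3])
    nums = nums + (0,) * (3 - len(nums))
    return FIRST_AFFECTED <= nums < FIXED


# Constructed sample: DEBUG was switched on for the whole config package
# while troubleshooting and never switched back. ConfigurationImpl has no
# level of its own, so it inherits DEBUG from its ancestor.
WEAK_CONFIG = """
rootLogger = INFO, console, log_file
logger.activemq.name=org.apache.activemq
logger.activemq.level=INFO
logger.config.name=org.apache.activemq.artemis.core.config
logger.config.level=DEBUG
"""

# Constructed sample: same file, but the ConfigurationImpl logger is pinned
# to INFO. The more specific logger wins over its DEBUG-level parent.
HARDENED_CONFIG = """
rootLogger = INFO, console, log_file
logger.activemq.name=org.apache.activemq
logger.activemq.level=INFO
logger.config.name=org.apache.activemq.artemis.core.config
logger.config.level=DEBUG
logger.configimpl.name=org.apache.activemq.artemis.core.config.impl.ConfigurationImpl
logger.configimpl.level=INFO
"""

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        verdict = "leaks properties" if leaks_broker_properties(cfg) else "ok"
        print(f"{label}: ConfigurationImpl effective at {effective_level(cfg)} -> {verdict}")
    for v in ("2.39.0", "2.40.0"):
        print(f"{v}: {'affected' if is_affected_version(v) else 'not affected'}")
```

Pinning the logger to INFO only removes the trigger; on an affected release the dump code path still exists, so treat a positive result from `leaks_broker_properties` on a version where `is_affected_version` is true as "rotate the credentials that were in the broker properties and review who could read the log", not just as a config fix. Brokers configured through a logging back end other than Log4j2 properties need the equivalent check in that back end's syntax.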