5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.008 Low
EPSS
Percentile
82.2%
Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.
CPE | Name | Operator | Version |
---|---|---|---|
org.apache.activemq:activemq-core | lt | 5.6.0 |
openwall.com/lists/oss-security/2011/12/25/2
openwall.com/lists/oss-security/2011/12/25/6
svn.apache.org/viewvc?view=revision&revision=1209700
svn.apache.org/viewvc?view=revision&revision=1211844
github.com/advisories/GHSA-9wcx-326r-7j7w
github.com/apache/activemq/commit/3a71f8e33d0309cb0ca5b5758a8f251da205e757
github.com/apache/activemq/commit/9df9d3e89140b7329654ad5675259ec6f0c4b3a7
github.com/apache/activemq/commit/da7f9962c640666a743675085922bf75a656f81b
issues.apache.org/jira/browse/AMQ-1928
issues.apache.org/jira/browse/AMQ-3294
nvd.nist.gov/vuln/detail/CVE-2011-4905