It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.
CPE | Name | Operator | Version |
---|---|---|---|
activemq | lt | 5.14.5 | |
activemq | ge | 5.15.0 | |
activemq | lt | 5.15.5 | |
jboss_a-mq | eq | 6.3 | |
jboss_a-mq | eq | 6.2.1 | |
jboss_fuse | eq | 6.3 |