Authentication flaw

2020-09-1019:15:00

PRIOn knowledge base

www.prio-n.com

9.7 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.1%

JSON

A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack: https://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html “A remote client could create a javax.management.loading.MLet MBean and use it to create new MBeans from arbitrary URLs, at least if there is no security manager. In other words, a rogue remote client could make your Java application execute arbitrary code.” Mitigation: Upgrade to Apache ActiveMQ 5.15.13

CPENameOperatorVersion
activemqeq5.15.12
communications_diameter_signaling_routerge8.0.0
communications_diameter_signaling_routerle8.5.0
communications_element_managerge8.2.0
communications_element_managerle8.2.4.0
communications_session_report_managerge8.0.0
communications_session_report_managerle8.2.2
communications_session_route_managerge8.0.0
communications_session_route_managerle8.2.2
enterprise_repositoryeq11.1.1.7.0

Name	Operator	Version
activemq	eq	5.15.12
communications_diameter_signaling_router	ge	8.0.0
communications_diameter_signaling_router	le	8.5.0
communications_element_manager	ge	8.2.0
communications_element_manager	le	8.2.4.0
communications_session_report_manager	ge	8.0.0
communications_session_report_manager	le	8.2.2
communications_session_route_manager	ge	8.0.0
communications_session_route_manager	le	8.2.2
enterprise_repository	eq	11.1.1.7.0