CVE-2017-15709

Exposure of Sensitive Information to an Unauthorized Actor in maven/org.apache.activemq/activemq-parent

Identifiers

GHSA-7qm4-p377-fr2r, CVE-2017-15709

Package Slug

maven/org.apache.activemq/activemq-parent

Vulnerability

Exposure of Sensitive Information to an Unauthorized Actor

Description

When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain system details (such as the OS and kernel version) are exposed as plain text.

Affected Versions

All versions starting from 5.14.0 before 5.15.3

Solution

Upgrade to version 5.15.3 or above.

Last Modified

2022-11-23

source