Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jboss_a\-Mq
(Redhat)| Repositories | https://github.com/jboss-fuse/fuse |
| #Vulnerabilities | 17 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-08-01 | CVE-2016-8653 | It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the credentials passed to it. An attacker could use this flaw to launch a denial of service attack. | Jboss_a\-Mq, Jboss_fuse | 5.3 | ||
| 2017-09-25 | CVE-2015-5181 | The JBoss console in A-MQ allows remote attackers to execute arbitrary JavaScript. | Jboss_a\-Mq | 5.4 | ||
| 2014-04-17 | CVE-2014-0085 | JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This permitted sensitive information disclosure via logging to local users. Note: this description has been updated; previous text mistakenly identified the source of the flaw as Zookeeper. Previous text: Apache Zookeeper logs cleartext admin passwords, which allows local users to obtain sensitive information by reading the log. | Jboss_a\-Mq, Jboss_fuse | N/A |