Apache ActiveMQ uses LocateRegistry.createRegistry() to create the JMX RMI registry and binds the server to the "jmxrmi" entry. It is possible to connect to the registry without authentication and call the rebind method to rebind jmxrmi to something else. If an attacker creates another server to proxy the original, and bound that, he effectively becomes a man in the middle and is able to intercept the credentials when an user connects. Upgrade to Apache ActiveMQ 5.15.12.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
20 Nov 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 03:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2020-09-10 19:15
Updated : 2024-02-28 17:47
NVD link : CVE-2020-13920
Mitre link : CVE-2020-13920
CVE.ORG link : CVE-2020-13920
JSON object : View
Products Affected
oracle
- flexcube_private_banking
- communications_diameter_signaling_router
apache
- activemq
debian
- debian_linux
CWE
CWE-306
Missing Authentication for Critical Function