漏洞信息详情

Apache ActiveMQ 代码注入漏洞

  • CNNVD编号:CNNVD-201903-1165
  • 危害等级: 高危
  • CVE编号: CVE-2019-0222
  • 漏洞类型: 代码注入
  • 发布时间: 2019-03-28
  • 威胁类型: 远程
  • 更新时间: 2021-03-08
  • 厂        商:
  • 漏洞来源: Indrajeet Singh,Re...

漏洞简介

Apache ActiveMQ是美国阿帕奇(Apache)软件基金会的一套开源的消息中间件,它支持Java消息服务、集群、Spring Framework等。

Apache ActiveMQ 5.0.0版本至5.15.8版本中存在安全漏洞。攻击者可利用该漏洞造成代理关闭。

漏洞公告

目前厂商已发布升级补丁以修复漏洞,补丁获取链接:

http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt

参考网址

来源:MLIST

链接:https://lists.apache.org/thread.html/71640324661c1b6d0b6708bd4fb20170e1b979370a4b8cddc4f8d485@%3Cdev.activemq.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/7da9636557118178b1690ba0af49c8a7b7b97d925218b5774622f488@%3Cusers.activemq.apache.org%3E

来源:CONFIRM

链接:https://security.netapp.com/advisory/ntap-20190502-0006/

来源:MLIST

链接:https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1@%3Cdev.activemq.apache.org%3E

来源:N/A

链接:https://www.oracle.com/security-alerts/cpuapr2020.html

来源:MISC

链接:https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

来源:CONFIRM

链接:http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt

来源:BID

链接:https://www.securityfocus.com/bid/107622

来源:MLIST

链接:https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E

来源:MLIST

链接:https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html

来源:BID

链接:http://www.securityfocus.com/bid/107622

来源:MLIST

链接:https://lists.apache.org/thread.html/d1e334bd71d6e68462c62c726fe6db565c7a6283302f9c1feed087fa@%3Ccommits.activemq.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E

来源:www.openwall.com

链接:http://www.openwall.com/lists/oss-security/2019/03/27/2

来源:MLIST

链接:https://lists.debian.org/debian-lts-announce/2021/03/msg00004.html

来源:MLIST

链接:https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d@%3Ccommits.activemq.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f77cc09581b723cf95a@%3Ccommits.activemq.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7@%3Ccommits.activemq.apache.org%3E

来源:MISC

链接:https://www.oracle.com/security-alerts/cpujul2020.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0806

来源:www.securityfocus.com

链接:http://www.securityfocus.com/bid/107622

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.1335/

来源:www.oracle.com

链接:https://www.oracle.com/security-alerts/cpujul2020.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/157214/Red-Hat-Security-Advisory-2020-1445-01.html

来源:www.ibm.com

链接:http://www.ibm.com/support/docview.wss?uid=ibm10881171

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/Oracle-Fusion-Middleware-vulnerabilities-of-July-2019-29791

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-resilient-is-vulnerable-to-using-components-with-known-vulnerabilities/

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/Apache-ActiveMQ-denial-of-service-via-Corrupt-MQTT-Frame-33508

来源:www.nsfocus.net

链接:http://www.nsfocus.net/vulndb/43602

来源:www.securityfocus.com

链接:https://www.securityfocus.com/bid/107622

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2019-0222

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/156852/Red-Hat-Security-Advisory-2020-0922-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.1030/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.1864/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3485/

受影响实体

    暂无


漏洞信息快速查询

相关漏洞

更多