Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8110

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-8110
Last Modified 12 Feb 2015 12:49:41
Published 12 Feb 2015 11:59:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-8110

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the web based administration console in Apache ActiveMQ 5.x before 5.10.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Apache Activemq 5.0.0

  • Apache Activemq 5.1.0

  • Apache Activemq 5.10.0

  • Apache Activemq 5.2.0

  • Apache Activemq 5.3.0

  • Apache Activemq 5.3.1

  • Apache Activemq 5.3.2

  • Apache Activemq 5.4.0

  • Apache Activemq 5.4.1

  • Apache Activemq 5.4.2

  • Apache Activemq 5.4.3

  • Apache Activemq 5.5.0

  • Apache Activemq 5.5.1

  • Apache Activemq 5.6.0

  • Apache Activemq 5.7.0

  • Apache Activemq 5.8.0

  • Apache Activemq 5.9.0

  • Apache Activemq 5.9.1


References

XF - apache-activemq-cve20148110-xss(100724)

BID - 72511

MLIST - [oss-security] 20150205 [ANNOUNCE] CVE-2014-3600, CVE-2014-3612 and CVE-2014-8110 - Apache ActiveMQ vulnerabilities

CONFIRM - http://activemq.apache.org/security-advisories.data/CVE-2014-8110-announcement.txt


Last Updated: 27 May 2016 11:07:47