Back to bug 1293972
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Chess Hazlett | 2015-12-23 19:59:27 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2015-12-23 19:59:27 UTC | Doc Type | --- | Bug Fix |
| Chess Hazlett | 2015-12-23 19:59:30 UTC | Blocks | 1130476 | |
| Chess Hazlett | 2015-12-23 21:25:21 UTC | Alias | CVE-2015-7559 | |
| Chess Hazlett | 2015-12-23 21:25:22 UTC | Summary | EMBARGOED ActiveMQ: DoS in client via remote shutdown command | EMBARGOED CVE-2015-7559 ActiveMQ: DoS in client via remote shutdown command |
| Chess Hazlett | 2016-01-11 22:18:23 UTC | Doc Text | It was found that Apache ActiveMQ client exposed a remote shutdown command in the ActiveMQConnection class. An attacker could use this flaw to achieve denial of service on a client. | |
| Chess Hazlett | 2016-01-11 23:28:16 UTC | Whiteboard | impact=low,public=no,reported=20150719,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cwe=CWE-306,jboss/amq-6=new | impact=low,public=no,reported=20150719,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cwe=CWE-306,jboss/amq-6=new,fuse-6.2.1/amq-client=affected,amq-6.2.1/amq-client=affected |
| Chess Hazlett | 2016-01-11 23:28:17 UTC | CC | aileenc, chazlett | |
| Summer Long | 2016-03-04 01:38:01 UTC | CC | slong | |
| Doc Text | It was found that Apache ActiveMQ client exposed a remote shutdown command in the ActiveMQConnection class. An attacker could use this flaw to achieve denial of service on a client. | An authentication flaw was found in Apache ActiveMQ, where the client exposed a remote shutdown command in the ActiveMQConnection class. A remote attacker could use this flaw to achieve denial of service on a client. | ||
| Chess Hazlett | 2016-04-29 16:23:02 UTC | Doc Text | An authentication flaw was found in Apache ActiveMQ, where the client exposed a remote shutdown command in the ActiveMQConnection class. A remote attacker could use this flaw to achieve denial of service on a client. | It was found that the Apache ActiveMQ client exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client. |
| Chess Hazlett | 2016-04-29 16:28:19 UTC | Whiteboard | impact=low,public=no,reported=20150719,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cwe=CWE-306,jboss/amq-6=new,fuse-6.2.1/amq-client=affected,amq-6.2.1/amq-client=affected | impact=low,public=no,reported=20150719,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cwe=CWE-306,amq-6.2.1/amq-client=affected |
| Chess Hazlett | 2016-04-29 16:32:02 UTC | Summary | EMBARGOED CVE-2015-7559 ActiveMQ: DoS in client via remote shutdown command | EMBARGOED CVE-2015-7559 ActiveMQ: DoS in client via shutdown command |
| Hooman Broujerdi | 2017-01-09 04:31:26 UTC | Blocks | 1411196 | |
| Chess Hazlett | 2017-01-30 19:39:17 UTC | Fixed In Version | apache activemq 5.15.0 | |
| Chess Hazlett | 2017-04-19 14:57:59 UTC | Fixed In Version | apache activemq 5.15.0 | apache activemq 5.15.4 |
| Chess Hazlett | 2017-04-19 15:00:28 UTC | Fixed In Version | apache activemq 5.15.4 | apache activemq 5.15.5 |
| Chess Hazlett | 2017-04-19 15:06:13 UTC | Whiteboard | impact=low,public=no,reported=20150719,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cwe=CWE-306,amq-6.2.1/amq-client=affected | impact=low,public=20170419,reported=20150719,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cwe=CWE-306,amq-6.2.1/amq-client=affected |
| Chess Hazlett | 2017-04-19 15:06:15 UTC | Summary | EMBARGOED CVE-2015-7559 ActiveMQ: DoS in client via shutdown command | CVE-2015-7559 ActiveMQ: DoS in client via shutdown command |
| Chess Hazlett | 2017-04-19 15:06:18 UTC | Group | security, qe_staff | |
| Chess Hazlett | 2017-04-19 15:12:23 UTC | Whiteboard | impact=low,public=20170419,reported=20150719,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cwe=CWE-306,amq-6.2.1/amq-client=affected | impact=low,public=20170419,reported=20150719,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cvss3=2.7/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-306,amq-6.2.1/amq-client=affected |
| Chess Hazlett | 2017-11-08 18:42:40 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2017-11-08 13:42:40 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:41:49 UTC | Whiteboard | impact=low,public=20170419,reported=20150719,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cvss3=2.7/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-306,amq-6.2.1/amq-client=affected | |
| Dhananjay Arunesh | 2023-06-27 13:27:23 UTC | Fixed In Version | apache activemq 5.15.5 | apache activemq 5.14.5 |
Back to bug 1293972