A flaw was found in Apache ActiveMQ 5.14.0 - 5.15.2. When using the OpenWire protocol it was found that certain system details (such as the OS and kernel version) are exposed as plain text. External Resources: https://lists.apache.org/thread.html/2b6f04a552c6ec2de6563c2df3bba813f0fe9c7e22cce27b7829db89@%3Cdev.activemq.apache.org%3E
This vulnerability is out of security support scope for the following product: * Red Hat JBoss Fuse Service Works 6 Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2017-15709