While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error.
References
Configurations
History
01 Aug 2022, 12:37
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
21 Sep 2021, 18:18
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20210827-0002/ - Third Party Advisory | |
CPE | cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:* |
27 Aug 2021, 07:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2021-01-27 19:15
Updated : 2024-02-04 21:23
NVD link : CVE-2021-26118
Mitre link : CVE-2021-26118
CVE.ORG link : CVE-2021-26118
JSON object : View
Products Affected
netapp
- oncommand_workflow_automation
apache
- activemq_artemis
CWE