admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2020/11xxx/CVE-2020-11998.json

80 lines
3.3 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2020-04-21 13:01:16 +00:00
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11998",
"-Synchronized-Data."
2020-09-10 19:01:47 +00:00
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Apache ActiveMQ",
"version": {
"version_data": [
{
"version_value": "Apache Tomcat 5.15.12"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary code execution via JMX"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://activemq.apache.org/security-advisories.data/CVE-2020-11998-announcement.txt",
"url": "http://activemq.apache.org/security-advisories.data/CVE-2020-11998-announcement.txt"
ill Situ <Bill.Situ@Oracle.com> On branch cna/Oracle/CPU2021Jan3rd Changes to be committed: modified: 2012/2xxx/CVE-2012-2098.json modified: 2015/4xxx/CVE-2015-4000.json modified: 2015/8xxx/CVE-2015-8965.json modified: 2016/1000xxx/CVE-2016-1000031.json modified: 2016/5xxx/CVE-2016-5725.json modified: 2017/12xxx/CVE-2017-12626.json modified: 2017/5xxx/CVE-2017-5611.json modified: 2017/5xxx/CVE-2017-5645.json modified: 2017/8xxx/CVE-2017-8028.json modified: 2018/0xxx/CVE-2018-0732.json modified: 2018/10xxx/CVE-2018-10237.json modified: 2018/11xxx/CVE-2018-11775.json modified: 2018/15xxx/CVE-2018-15756.json modified: 2018/1xxx/CVE-2018-1258.json modified: 2018/1xxx/CVE-2018-1285.json modified: 2018/20xxx/CVE-2018-20781.json modified: 2018/7xxx/CVE-2018-7318.json modified: 2018/8xxx/CVE-2018-8032.json modified: 2018/9xxx/CVE-2018-9019.json modified: 2019/0xxx/CVE-2019-0188.json modified: 2019/0xxx/CVE-2019-0227.json modified: 2019/0xxx/CVE-2019-0230.json modified: 2019/0xxx/CVE-2019-0233.json modified: 2019/10xxx/CVE-2019-10086.json modified: 2019/10xxx/CVE-2019-10173.json modified: 2019/10xxx/CVE-2019-10246.json modified: 2019/10xxx/CVE-2019-10247.json modified: 2019/10xxx/CVE-2019-10744.json modified: 2019/11xxx/CVE-2019-11135.json modified: 2019/11xxx/CVE-2019-11269.json modified: 2019/11xxx/CVE-2019-11358.json modified: 2019/12xxx/CVE-2019-12399.json modified: 2019/12xxx/CVE-2019-12402.json modified: 2019/12xxx/CVE-2019-12415.json modified: 2019/13xxx/CVE-2019-13990.json modified: 2019/14xxx/CVE-2019-14862.json modified: 2019/17xxx/CVE-2019-17091.json modified: 2019/17xxx/CVE-2019-17195.json modified: 2019/17xxx/CVE-2019-17359.json modified: 2019/17xxx/CVE-2019-17563.json modified: 2019/17xxx/CVE-2019-17566.json modified: 2019/17xxx/CVE-2019-17569.json modified: 2019/1xxx/CVE-2019-1551.json modified: 2019/1xxx/CVE-2019-1559.json modified: 2019/20xxx/CVE-2019-20892.json modified: 2019/20xxx/CVE-2019-20907.json modified: 2019/3xxx/CVE-2019-3773.json modified: 2019/3xxx/CVE-2019-3778.json modified: 2019/5xxx/CVE-2019-5427.json modified: 2019/7xxx/CVE-2019-7164.json modified: 2019/7xxx/CVE-2019-7548.json modified: 2019/9xxx/CVE-2019-9511.json modified: 2019/9xxx/CVE-2019-9513.json modified: 2020/10xxx/CVE-2020-10531.json modified: 2020/10xxx/CVE-2020-10543.json modified: 2020/10xxx/CVE-2020-10672.json modified: 2020/10xxx/CVE-2020-10673.json modified: 2020/10xxx/CVE-2020-10683.json modified: 2020/10xxx/CVE-2020-10722.json modified: 2020/10xxx/CVE-2020-10723.json modified: 2020/10xxx/CVE-2020-10724.json modified: 2020/10xxx/CVE-2020-10725.json modified: 2020/10xxx/CVE-2020-10726.json modified: 2020/10xxx/CVE-2020-10878.json modified: 2020/10xxx/CVE-2020-10968.json modified: 2020/10xxx/CVE-2020-10969.json modified: 2020/11xxx/CVE-2020-11022.json modified: 2020/11xxx/CVE-2020-11023.json modified: 2020/11xxx/CVE-2020-11080.json modified: 2020/11xxx/CVE-2020-11111.json modified: 2020/11xxx/CVE-2020-11112.json modified: 2020/11xxx/CVE-2020-11113.json modified: 2020/11xxx/CVE-2020-11612.json modified: 2020/11xxx/CVE-2020-11619.json modified: 2020/11xxx/CVE-2020-11620.json modified: 2020/11xxx/CVE-2020-11655.json modified: 2020/11xxx/CVE-2020-11656.json modified: 2020/11xxx/CVE-2020-11971.json modified: 2020/11xxx/CVE-2020-11972.json modified: 2020/11xxx/CVE-2020-11973.json modified: 2020/11xxx/CVE-2020-11979.json modified: 2020/11xxx/CVE-2020-11984.json modified: 2020/11xxx/CVE-2020-11985.json modified: 2020/11xxx/CVE-2020-11993.json modified: 2020/11xxx/CVE-2020-11994.json modified: 2020/11xxx/CVE-2020-11996.json modified: 2020/11xxx/CVE-2020-11998.json modified: 2020/12xxx/CVE-2020-12723.json modified: 2020/13xxx/CVE-2020-13254.json modified: 2020/13xxx/CVE-2020-13596.json modified: 2020/13xxx/CVE-2020-13871.json modified: 2020/13xxx/CVE-2020-13934.json modified: 2020/13xxx/CVE-2020-13935.json modified: 2020/13xxx/CVE-2020-13954.json modified: 2020/14xxx/CVE-2020-14060.json modified: 2020/14xxx/CVE-2020-14061.json modified: 2020/14xxx/CVE-2020-14062.json modified: 2020/14xxx/CVE-2020-14147.json modified: 2020/14xxx/CVE-2020-14195.json modified: 2020/14xxx/CVE-2020-14422.json modified: 2020/15xxx/CVE-2020-15025.json modified: 2020/15xxx/CVE-2020-15358.json modified: 2020/17xxx/CVE-2020-17498.json modified: 2020/17xxx/CVE-2020-17521.json modified: 2020/17xxx/CVE-2020-17530.json modified: 2020/1xxx/CVE-2020-1935.json modified: 2020/1xxx/CVE-2020-1938.json modified: 2020/1xxx/CVE-2020-1945.json modified: 2020/1xxx/CVE-2020-1967.json modified: 2020/1xxx/CVE-2020-1968.json modified: 2020/1xxx/CVE-2020-1971.json modified: 2020/24xxx/CVE-2020-24583.json modified: 2020/24xxx/CVE-2020-24584.json modified: 2020/24xxx/CVE-2020-24616.json modified: 2020/24xxx/CVE-2020-24750.json modified: 2020/25xxx/CVE-2020-25020.json modified: 2020/25xxx/CVE-2020-25862.json modified: 2020/25xxx/CVE-2020-25863.json modified: 2020/25xxx/CVE-2020-25866.json modified: 2020/26xxx/CVE-2020-26575.json modified: 2020/27xxx/CVE-2020-27216.json modified: 2020/35xxx/CVE-2020-35460.json modified: 2020/5xxx/CVE-2020-5398.json modified: 2020/5xxx/CVE-2020-5407.json modified: 2020/5xxx/CVE-2020-5408.json modified: 2020/5xxx/CVE-2020-5421.json modified: 2020/7xxx/CVE-2020-7064.json modified: 2020/8xxx/CVE-2020-8172.json modified: 2020/8xxx/CVE-2020-8174.json modified: 2020/8xxx/CVE-2020-8265.json modified: 2020/8xxx/CVE-2020-8277.json modified: 2020/8xxx/CVE-2020-8287.json modified: 2020/9xxx/CVE-2020-9281.json modified: 2020/9xxx/CVE-2020-9327.json modified: 2020/9xxx/CVE-2020-9484.json modified: 2020/9xxx/CVE-2020-9488.json modified: 2020/9xxx/CVE-2020-9490.json modified: 2020/9xxx/CVE-2020-9546.json modified: 2020/9xxx/CVE-2020-9547.json modified: 2020/9xxx/CVE-2020-9548.json
2021-01-19 13:08:08 -08:00
},
{
"-Synchronized-Data."
2021-01-20 15:02:47 +00:00
"url": "https://www.oracle.com/security-alerts/cpujan2021.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2021.html"
"-Synchronized-Data."
2021-01-27 19:00:48 +00:00
},
{
"refsource": "MLIST",
"name": "[activemq-commits] 20210127 [activemq-website] branch master updated: Publish CVE-2021-26117",
"url": "https://lists.apache.org/thread.html/rb2fd3bf2dce042e0ab3f3c94c4767c96bb2e7e6737624d63162df36d@%3Ccommits.activemq.apache.org%3E"
"-Synchronized-Data."
2021-02-08 07:00:48 +00:00
},
{
"refsource": "MLIST",
"name": "[activemq-commits] 20210208 [activemq-website] branch master updated: Publish CVE-2020-13947",
"url": "https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7@%3Ccommits.activemq.apache.org%3E"
Bill Situ<Bill.Situ@Oracle.com> On branch cna/Oracle/CPU2021Apr3rdv2 Changes to be committed: modified: 2014/9xxx/CVE-2014-9515.json modified: 2016/2xxx/CVE-2016-2542.json modified: 2016/5xxx/CVE-2016-5725.json modified: 2016/7xxx/CVE-2016-7103.json modified: 2016/9xxx/CVE-2016-9775.json modified: 2017/1000xxx/CVE-2017-1000061.json modified: 2017/12xxx/CVE-2017-12626.json modified: 2017/14xxx/CVE-2017-14735.json modified: 2017/18xxx/CVE-2017-18640.json modified: 2017/5xxx/CVE-2017-5645.json modified: 2018/1000xxx/CVE-2018-1000180.json modified: 2018/1000xxx/CVE-2018-1000613.json modified: 2018/1000xxx/CVE-2018-1000632.json modified: 2018/14xxx/CVE-2018-14040.json modified: 2018/14xxx/CVE-2018-14041.json modified: 2018/14xxx/CVE-2018-14042.json modified: 2018/14xxx/CVE-2018-14550.json modified: 2018/14xxx/CVE-2018-14613.json modified: 2018/16xxx/CVE-2018-16884.json modified: 2018/1xxx/CVE-2018-1285.json modified: 2018/20xxx/CVE-2018-20843.json modified: 2018/8xxx/CVE-2018-8032.json modified: 2019/0xxx/CVE-2019-0219.json modified: 2019/0xxx/CVE-2019-0221.json modified: 2019/0xxx/CVE-2019-0227.json modified: 2019/0xxx/CVE-2019-0228.json modified: 2019/0xxx/CVE-2019-0230.json modified: 2019/0xxx/CVE-2019-0232.json modified: 2019/0xxx/CVE-2019-0233.json modified: 2019/10xxx/CVE-2019-10072.json modified: 2019/10xxx/CVE-2019-10080.json modified: 2019/10xxx/CVE-2019-10086.json modified: 2019/10xxx/CVE-2019-10098.json modified: 2019/10xxx/CVE-2019-10173.json modified: 2019/10xxx/CVE-2019-10246.json modified: 2019/10xxx/CVE-2019-10247.json modified: 2019/10xxx/CVE-2019-10638.json modified: 2019/10xxx/CVE-2019-10639.json modified: 2019/11xxx/CVE-2019-11048.json modified: 2019/11xxx/CVE-2019-11358.json modified: 2019/11xxx/CVE-2019-11487.json modified: 2019/11xxx/CVE-2019-11599.json modified: 2019/12xxx/CVE-2019-12086.json modified: 2019/12xxx/CVE-2019-12399.json modified: 2019/12xxx/CVE-2019-12402.json modified: 2019/12xxx/CVE-2019-12406.json modified: 2019/12xxx/CVE-2019-12415.json modified: 2019/12xxx/CVE-2019-12419.json modified: 2019/12xxx/CVE-2019-12423.json modified: 2019/14xxx/CVE-2019-14379.json modified: 2019/14xxx/CVE-2019-14898.json modified: 2019/15xxx/CVE-2019-15218.json modified: 2019/16xxx/CVE-2019-16746.json modified: 2019/16xxx/CVE-2019-16942.json modified: 2019/17xxx/CVE-2019-17075.json modified: 2019/17xxx/CVE-2019-17133.json modified: 2019/17xxx/CVE-2019-17195.json modified: 2019/17xxx/CVE-2019-17495.json modified: 2019/17xxx/CVE-2019-17566.json modified: 2019/17xxx/CVE-2019-17571.json modified: 2019/17xxx/CVE-2019-17573.json modified: 2019/17xxx/CVE-2019-17632.json modified: 2019/17xxx/CVE-2019-17638.json modified: 2019/18xxx/CVE-2019-18885.json modified: 2019/19xxx/CVE-2019-19052.json modified: 2019/19xxx/CVE-2019-19063.json modified: 2019/19xxx/CVE-2019-19066.json modified: 2019/19xxx/CVE-2019-19073.json modified: 2019/19xxx/CVE-2019-19074.json modified: 2019/19xxx/CVE-2019-19078.json modified: 2019/19xxx/CVE-2019-19535.json modified: 2019/19xxx/CVE-2019-19922.json modified: 2019/1xxx/CVE-2019-1241.json modified: 2019/1xxx/CVE-2019-1551.json modified: 2019/20xxx/CVE-2019-20812.json modified: 2019/3xxx/CVE-2019-3738.json modified: 2019/3xxx/CVE-2019-3739.json modified: 2019/3xxx/CVE-2019-3740.json modified: 2019/3xxx/CVE-2019-3773.json modified: 2019/3xxx/CVE-2019-3874.json modified: 2019/3xxx/CVE-2019-3900.json modified: 2019/5xxx/CVE-2019-5063.json modified: 2019/5xxx/CVE-2019-5064.json modified: 2019/5xxx/CVE-2019-5108.json modified: 2019/7xxx/CVE-2019-7317.json modified: 2019/8xxx/CVE-2019-8331.json modified: 2020/10xxx/CVE-2020-10188.json modified: 2020/10xxx/CVE-2020-10543.json modified: 2020/10xxx/CVE-2020-10683.json modified: 2020/10xxx/CVE-2020-10751.json modified: 2020/10xxx/CVE-2020-10769.json modified: 2020/10xxx/CVE-2020-10878.json modified: 2020/11xxx/CVE-2020-11022.json modified: 2020/11xxx/CVE-2020-11023.json modified: 2020/11xxx/CVE-2020-11612.json modified: 2020/11xxx/CVE-2020-11655.json modified: 2020/11xxx/CVE-2020-11656.json modified: 2020/11xxx/CVE-2020-11973.json modified: 2020/11xxx/CVE-2020-11979.json modified: 2020/11xxx/CVE-2020-11987.json modified: 2020/11xxx/CVE-2020-11994.json modified: 2020/11xxx/CVE-2020-11998.json modified: 2020/12xxx/CVE-2020-12114.json modified: 2020/12xxx/CVE-2020-12723.json modified: 2020/12xxx/CVE-2020-12771.json modified: 2020/13xxx/CVE-2020-13434.json modified: 2020/13xxx/CVE-2020-13435.json modified: 2020/13xxx/CVE-2020-13871.json modified: 2020/13xxx/CVE-2020-13934.json modified: 2020/13xxx/CVE-2020-13935.json modified: 2020/13xxx/CVE-2020-13943.json modified: 2020/13xxx/CVE-2020-13947.json modified: 2020/13xxx/CVE-2020-13954.json modified: 2020/13xxx/CVE-2020-13956.json modified: 2020/14xxx/CVE-2020-14039.json modified: 2020/14xxx/CVE-2020-14060.json modified: 2020/14xxx/CVE-2020-14061.json modified: 2020/14xxx/CVE-2020-14062.json modified: 2020/14xxx/CVE-2020-14195.json modified: 2020/15xxx/CVE-2020-15358.json modified: 2020/15xxx/CVE-2020-15586.json modified: 2020/16xxx/CVE-2020-16166.json modified: 2020/16xxx/CVE-2020-16845.json modified: 2020/17xxx/CVE-2020-17521.json modified: 2020/17xxx/CVE-2020-17527.json modified: 2020/17xxx/CVE-2020-17530.json modified: 2020/1xxx/CVE-2020-1472.json modified: 2020/1xxx/CVE-2020-1927.json modified: 2020/1xxx/CVE-2020-1941.json modified: 2020/1xxx/CVE-2020-1945.json modified: 2020/1xxx/CVE-2020-1967.json modified: 2020/1xxx/CVE-2020-1968.json modified: 2020/1xxx/CVE-2020-1971.json modified: 2020/24xxx/CVE-2020-24394.json modified: 2020/24xxx/CVE-2020-24553.json modified: 2020/24xxx/CVE-2020-24616.json modified: 2020/24xxx/CVE-2020-24750.json modified: 2020/25xxx/CVE-2020-25649.json modified: 2020/26xxx/CVE-2020-26217.json modified: 2020/26xxx/CVE-2020-26418.json modified: 2020/26xxx/CVE-2020-26419.json modified: 2020/26xxx/CVE-2020-26420.json modified: 2020/26xxx/CVE-2020-26421.json modified: 2020/26xxx/CVE-2020-26422.json modified: 2020/27xxx/CVE-2020-27193.json modified: 2020/27xxx/CVE-2020-27216.json modified: 2020/27xxx/CVE-2020-27218.json modified: 2020/27xxx/CVE-2020-27223.json modified: 2020/27xxx/CVE-2020-27841.json modified: 2020/27xxx/CVE-2020-27842.json modified: 2020/27xxx/CVE-2020-27843.json modified: 2020/27xxx/CVE-2020-27844.json modified: 2020/27xxx/CVE-2020-27845.json modified: 2020/28xxx/CVE-2020-28052.json modified: 2020/28xxx/CVE-2020-28196.json modified: 2020/35xxx/CVE-2020-35490.json modified: 2020/35xxx/CVE-2020-35491.json modified: 2020/35xxx/CVE-2020-35728.json modified: 2020/36xxx/CVE-2020-36179.json modified: 2020/36xxx/CVE-2020-36180.json modified: 2020/36xxx/CVE-2020-36181.json modified: 2020/36xxx/CVE-2020-36182.json modified: 2020/36xxx/CVE-2020-36183.json modified: 2020/36xxx/CVE-2020-36184.json modified: 2020/36xxx/CVE-2020-36185.json modified: 2020/36xxx/CVE-2020-36186.json modified: 2020/36xxx/CVE-2020-36187.json modified: 2020/36xxx/CVE-2020-36188.json modified: 2020/36xxx/CVE-2020-36189.json modified: 2020/5xxx/CVE-2020-5359.json modified: 2020/5xxx/CVE-2020-5360.json modified: 2020/5xxx/CVE-2020-5398.json modified: 2020/5xxx/CVE-2020-5407.json modified: 2020/5xxx/CVE-2020-5408.json modified: 2020/5xxx/CVE-2020-5413.json modified: 2020/5xxx/CVE-2020-5421.json modified: 2020/7xxx/CVE-2020-7059.json modified: 2020/7xxx/CVE-2020-7060.json modified: 2020/7xxx/CVE-2020-7067.json modified: 2020/7xxx/CVE-2020-7069.json modified: 2020/7xxx/CVE-2020-7760.json modified: 2020/7xxx/CVE-2020-7774.json modified: 2020/7xxx/CVE-2020-7919.json modified: 2020/8xxx/CVE-2020-8203.json modified: 2020/8xxx/CVE-2020-8277.json modified: 2020/8xxx/CVE-2020-8284.json modified: 2020/8xxx/CVE-2020-8285.json modified: 2020/8xxx/CVE-2020-8286.json modified: 2020/8xxx/CVE-2020-8908.json modified: 2020/9xxx/CVE-2020-9281.json modified: 2020/9xxx/CVE-2020-9327.json modified: 2020/9xxx/CVE-2020-9480.json modified: 2020/9xxx/CVE-2020-9484.json modified: 2020/9xxx/CVE-2020-9488.json modified: 2020/9xxx/CVE-2020-9489.json modified: 2021/20xxx/CVE-2021-20227.json modified: 2021/21xxx/CVE-2021-21290.json modified: 2021/21xxx/CVE-2021-21345.json modified: 2021/22xxx/CVE-2021-22112.json modified: 2021/22xxx/CVE-2021-22173.json modified: 2021/22xxx/CVE-2021-22174.json modified: 2021/22xxx/CVE-2021-22191.json modified: 2021/22xxx/CVE-2021-22883.json modified: 2021/22xxx/CVE-2021-22884.json modified: 2021/23xxx/CVE-2021-23336.json modified: 2021/23xxx/CVE-2021-23839.json modified: 2021/23xxx/CVE-2021-23840.json modified: 2021/23xxx/CVE-2021-23841.json modified: 2021/26xxx/CVE-2021-26117.json modified: 2021/3xxx/CVE-2021-3449.json modified: 2021/3xxx/CVE-2021-3450.json
2021-06-11 10:44:45 -07:00
},
{
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
"-Synchronized-Data."
2020-09-10 19:01:47 +00:00
}
]
"-Synchronized-Data."
2020-04-21 13:01:16 +00:00
},
"description": {
"description_data": [
{
"lang": "eng",
"-Synchronized-Data."
2020-09-10 19:01:47 +00:00
"value": "A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack: https://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html \"A remote client could create a javax.management.loading.MLet MBean and use it to create new MBeans from arbitrary URLs, at least if there is no security manager. In other words, a rogue remote client could make your Java application execute arbitrary code.\" Mitigation: Upgrade to Apache ActiveMQ 5.15.13"
"-Synchronized-Data."
2020-04-21 13:01:16 +00:00
}
]
}
}
Reference in New Issue Copy Permalink