Remote Code Execution in Apache TomEE with Embedded ActiveMQ Broker
CVE-2020-11969

9.8CRITICAL

Key Information:

Vendor

Apache
Status
Apache Tomee
Vendor
CVE Published:
15 June 2020

What is CVE-2020-11969?

When Apache TomEE is configured to utilize the embedded ActiveMQ broker with the useJMX=true parameter, it inadvertently exposes a JMX port (TCP port 1099) without requiring authentication. This configuration flaw leaves instances of Apache TomEE vulnerable to unauthorized access, potentially allowing malicious actors to execute arbitrary commands on the server. Administrators are advised to review and adjust their configurations to prevent this exposure and enhance overall system security.

Affected Version(s)

Apache TomEE Apache TomEE 8.0.0-M1 - 8.0.1, Apache TomEE 7.1.0 - 7.1.2, Apache TomEE 7.0.0-M1 - 7.0.7, Apache TomEE 1.0.0 - 1.7.5

References

https://lists.apache.org/thread.html/rbd23418646dedda70a5...
x_refsource_MISC
https://lists.apache.org/thread.html/rbd23418646dedda70a5...
mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/ref088c4732e1a8dd0bb...
mailing-listx_refsource_MLIST

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.