Remote Code Execution Vulnerability in Apache ActiveMQ
CVE-2020-13920

5.9MEDIUM

Key Information:

Vendor: Apache
Status: Apache ActiveMQ
Vendor: CVE Published:; 10 September 2020

What is CVE-2020-13920?

Apache ActiveMQ uses LocateRegistry.createRegistry() to create a JMX RMI registry, allowing unauthenticated access to the 'jmxrmi' entry. An attacker can exploit this by connecting to the registry and utilizing the rebind method to redirect 'jmxrmi' to a malicious server. This scenario can lead to man-in-the-middle attacks, enabling the attacker to potentially intercept sensitive user credentials when they connect to the original server. To mitigate this vulnerability, it is essential to upgrade to Apache ActiveMQ version 5.15.12 or later.

Affected Version(s)

Apache ActiveMQ Apache ActiveMQ version prior to 5.15.12

References

http://activemq.apache.org/security-advisories.data/CVE-2...

https://lists.debian.org/debian-lts-announce/2020/10/msg0...

mailing-list

https://www.oracle.com/security-alerts/cpuoct2020.html

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 10, 2020
Vulnerability Reserved
Jun 8, 2020