Cleartext Exposure of Configured ActiveMQ Credentials in Log Bundles

CVE-2024-8689

Currently unrated 🤨

Key Information

Vendor: Palo Alto Networks
Status: ActiveMQ Content Pack
Vendor: CVE Published:; 11 September 2024

Badges

👾 Exploit Exists

Summary

A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles.

Affected Version(s)

ActiveMQ Content Pack < 1.1.15

Refferences

https://security.paloaltonetworks.com/CVE-2024-8689

Timeline

Vulnerability Reserved
Sep 11, 2024
Vulnerability published
Sep 11, 2024

Collectors

NVD DatabaseMitre Database

Credit

Marcel Maeder of Swisscom (Schweiz) AG