Cleartext Exposure of Configured ActiveMQ Credentials in Log Bundles

CVE-2024-8689

Currently unrated 🤨

Key Information

Vendor: Palo Alto Networks
Status: ActiveMQ Content Pack
Vendor: CVE Published:; 11 September 2024

Badges

👾 Exploit Exists

Summary

A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles.

Affected Version(s)

ActiveMQ Content Pack < 1.1.15

Timeline

Initial publication
Sep 11, 2024
Vulnerability Reserved.
Sep 11, 2024
Vulnerability published.
Sep 11, 2024
👾
Exploit exists.
Jan 1, 1970

Collectors

NVD DatabaseMitre Database

Credit

Marcel Maeder of Swisscom (Schweiz) AG

.