Cleartext Exposure of Configured ActiveMQ Credentials in Log Bundles

CVE-2024-8689

What is CVE-2024-8689?

The integration of ActiveMQ within Cortex XSOAR and Cortex XSIAM allows for powerful logging and monitoring capabilities. However, a vulnerability has been identified that may result in the unintended exposure of ActiveMQ credentials in log bundles. This issue occurs when the credentials are logged in cleartext format, potentially allowing unauthorized individuals to gain access to sensitive information. Organizations utilizing these Cortex products must review their configurations and logging practices to mitigate the risks associated with credential exposure and ensure the security of their systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References