CVE-2010-1244
Description
Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
Risk Information
Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.437
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2010-1244,CVE-2010-0684 are fixed in Apache - activemq-parent 5.3.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 5.2 | Windows |
| Vulnerabilities CVE-2010-1244,CVE-2010-0684 are fixed in Apache - activemq-parent for Linux 5.3.1 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234