CVE-2014-3576

Description

The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command.

Risk Information

Base Score

7.5

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

Exploitation Probability

11.345

Associated Vulnerability

Vulnerability	OS Platform
Vulnerabilities CVE-2014-3576 are fixed in Apache-activemq-client 5.11.0	Windows
Vulnerabilities CVE-2014-3576 are affected in Oracle BI Publisher 12.2.1.0.0	Windows
Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 5.2.6.3	Windows
Multiple Vulnerabilities are affected in IBM Security Verify Directory Integrator 7.2.0	Windows
Vulnerabilities CVE-2014-3576 are fixed in Apache-activemq-client for Linux 5.11.0	Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234