Home

CVE-2014-3600

Description

XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.511

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2014-3600,CVE-2014-8110 are fixed in Apache-activemq-client 5.10.1Windows
Vulnerabilities CVE-2014-3600,CVE-2014-3612 are fixed in Apache - activemq-broker 5.10.1Windows
Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 5.2.6.3Windows
Multiple Vulnerabilities are affected in IBM Security Verify Directory Integrator 7.2.0Windows
Vulnerabilities CVE-2014-3600,CVE-2014-8110 are fixed in Apache-activemq-client for Linux 5.10.1Linux
Vulnerabilities CVE-2014-3600,CVE-2014-3612 are fixed in Apache - activemq-broker for Linux 5.10.1Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234