ID CVE-2015-5183
Summary Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:amq:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:amq:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:amq:6.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:amq:6.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_web_server:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_web_server:1.0.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 05-01-2021 - 10:15)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
redhat via4
advisories
rhsa
id RHSA-2018:2840
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=1249182
mlist
  • [activemq-dev] 20191018 Re: NIST CVEs for ActiveMQ
  • [activemq-dev] 20200225 CVE-2015-5183
  • [activemq-dev] 20200226 Re: CVE-2015-5183
  • [activemq-dev] 20210105 Re: CVE-2015-5183
sectrack 1041750
Last major update 05-01-2021 - 10:15
Published 25-09-2017 - 21:29
Last modified 05-01-2021 - 10:15
Back to Top