cvelistv5 - cve-2025-4057

CVE-2025-4057 (GCVE-0-2025-4057)

Vulnerability from cvelistv5

Published

2025-05-26 08:53

Modified

2025-07-31 19:38

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-1391 - Use of Weak Credentials

Summary

A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies.

References

URL

wid-sec-w-2025-1147

Vulnerability from csaf_certbund

Published

2025-05-26 22:00

Modified

2025-07-31 22:00

Summary

Apache ActiveMQ: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Apache ActiveMQ ist ein Open Source Message Broker, der den Transport von Nachrichten zwischen verschiedenen Programmen bewerkstelligt.

Angriff

Ein lokaler Angreifer kann eine Schwachstelle in Apache ActiveMQ ausnutzen, um Sicherheitsvorkehrungen zu umgehen.

Betroffene Betriebssysteme

- Linux - Sonstiges - UNIX

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Apache ActiveMQ ist ein Open Source Message Broker, der den Transport von Nachrichten zwischen verschiedenen Programmen bewerkstelligt.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in Apache ActiveMQ ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1147 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1147.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1147 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1147"
      },
      {
        "category": "external",
        "summary": "GitHub Advisory Database vom 2025-05-26",
        "url": "https://github.com/advisories/GHSA-q5q7-8x6x-hcg2"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2025-05-26",
        "url": "https://access.redhat.com/errata/RHSA-2025:8147"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:15188-1 vom 2025-06-02",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/5W5NDYFJCKVTB2UYZO6OSRFA7RGWGHY3/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:12355 vom 2025-07-31",
        "url": "https://access.redhat.com/errata/RHSA-2025:12355"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:12473 vom 2025-07-31",
        "url": "https://access.redhat.com/errata/RHSA-2025:12473"
      }
    ],
    "source_lang": "en-US",
    "title": "Apache ActiveMQ: Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen",
    "tracking": {
      "current_release_date": "2025-07-31T22:00:00.000+00:00",
      "generator": {
        "date": "2025-08-01T07:15:39.687+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-1147",
      "initial_release_date": "2025-05-26T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-05-26T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-06-02T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2025-07-30T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-07-31T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cBroker 7.13.0.OPR.1.GA",
                "product": {
                  "name": "Apache ActiveMQ \u003cBroker 7.13.0.OPR.1.GA",
                  "product_id": "T044160"
                }
              },
              {
                "category": "product_version",
                "name": "Broker 7.13.0.OPR.1.GA",
                "product": {
                  "name": "Apache ActiveMQ Broker 7.13.0.OPR.1.GA",
                  "product_id": "T044160-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:activemq:broker_7.13.0.opr.1.ga"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ActiveMQ"
          }
        ],
        "category": "vendor",
        "name": "Apache"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-4057",
      "product_status": {
        "known_affected": [
          "67646",
          "T044160",
          "T027843"
        ]
      },
      "release_date": "2025-05-26T22:00:00.000+00:00",
      "title": "CVE-2025-4057"
    }
  ]
}

opensuse-su-2025:15188-1

Vulnerability from csaf_opensuse

Published

2025-06-01 00:00

Modified

2025-06-01 00:00

Summary

govulncheck-vulndb-0.0.20250529T205903-1.1 on GA media

Notes

Title of the patch

govulncheck-vulndb-0.0.20250529T205903-1.1 on GA media

Description of the patch

These are all security issues fixed in the govulncheck-vulndb-0.0.20250529T205903-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2025-15188

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "govulncheck-vulndb-0.0.20250529T205903-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the govulncheck-vulndb-0.0.20250529T205903-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-15188",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15188-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2025:15188-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5W5NDYFJCKVTB2UYZO6OSRFA7RGWGHY3/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2025:15188-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5W5NDYFJCKVTB2UYZO6OSRFA7RGWGHY3/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-4057 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-4057/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-47933 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-47933/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-47952 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-47952/"
      }
    ],
    "title": "govulncheck-vulndb-0.0.20250529T205903-1.1 on GA media",
    "tracking": {
      "current_release_date": "2025-06-01T00:00:00Z",
      "generator": {
        "date": "2025-06-01T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:15188-1",
      "initial_release_date": "2025-06-01T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-06-01T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250529T205903-1.1.aarch64",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250529T205903-1.1.aarch64",
                  "product_id": "govulncheck-vulndb-0.0.20250529T205903-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250529T205903-1.1.ppc64le",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250529T205903-1.1.ppc64le",
                  "product_id": "govulncheck-vulndb-0.0.20250529T205903-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250529T205903-1.1.s390x",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250529T205903-1.1.s390x",
                  "product_id": "govulncheck-vulndb-0.0.20250529T205903-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250529T205903-1.1.x86_64",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250529T205903-1.1.x86_64",
                  "product_id": "govulncheck-vulndb-0.0.20250529T205903-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250529T205903-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.aarch64"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250529T205903-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250529T205903-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.ppc64le"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250529T205903-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250529T205903-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.s390x"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250529T205903-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250529T205903-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.x86_64"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250529T205903-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-4057",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-4057"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-4057",
          "url": "https://www.suse.com/security/cve/CVE-2025-4057"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-01T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-4057"
    },
    {
      "cve": "CVE-2025-47933",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-47933"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.13.8, 2.14.13, and 3.0.4, an attacker can perform arbitrary actions on behalf of the victim via the API. Due to the improper filtering of URL protocols in the repository page, an attacker can achieve cross-site scripting with permission to edit the repository. This issue has been patched in versions 2.13.8, 2.14.13, and 3.0.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-47933",
          "url": "https://www.suse.com/security/cve/CVE-2025-47933"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1243791 for CVE-2025-47933",
          "url": "https://bugzilla.suse.com/1243791"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-01T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-47933"
    },
    {
      "cve": "CVE-2025-47952",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-47952"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Prior to versions 2.11.25 and 3.4.1, there is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a URL encoded string in its path, it\u0027s possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patched in versions 2.11.25 and 3.4.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-47952",
          "url": "https://www.suse.com/security/cve/CVE-2025-47952"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1243818 for CVE-2025-47952",
          "url": "https://bugzilla.suse.com/1243818"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-01T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2025-47952"
    }
  ]
}

rhsa-2025:8147

Vulnerability from csaf_redhat

Published

2025-05-26 14:48

Modified

2025-09-25 15:26

Summary

Red Hat Security Advisory: AMQ Broker 7.13.0.OPR.1.GA Container Images security update

Notes

Topic

This is the multiarch release of the AMQ Broker 7.13.0 aligned Operator and associated container images on Red Hat Enterprise Linux 9 for the OpenShift Container Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat Middleware for OpenShift provides images for many of the Red Hat Middleware products for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments. This release of Red Hat AMQ Broker 7.13.0 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Security Fix(es): * (CVE-2025-4057) activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. For information on supported configurations, see Red Hat AMQ Broker 7 Supported Configurations at https://access.redhat.com/articles/2791941

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "This is the multiarch release of the AMQ Broker 7.13.0 aligned Operator and associated container images on Red Hat Enterprise Linux 9 for the OpenShift Container Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Middleware for OpenShift provides images for many of the Red Hat Middleware products for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments.\n\nThis release of Red Hat AMQ Broker 7.13.0 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* (CVE-2025-4057) activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nFor information on supported configurations, see Red Hat AMQ Broker 7 Supported Configurations at https://access.redhat.com/articles/2791941",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:8147",
        "url": "https://access.redhat.com/errata/RHSA-2025:8147"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification#moderate",
        "url": "https://access.redhat.com/security/updates/classification#moderate"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_amq_broker/7.13",
        "url": "https://docs.redhat.com/en/documentation/red_hat_amq_broker/7.13"
      },
      {
        "category": "external",
        "summary": "2362827",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362827"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8147.json"
      }
    ],
    "title": "Red Hat Security Advisory: AMQ Broker 7.13.0.OPR.1.GA Container Images security update",
    "tracking": {
      "current_release_date": "2025-09-25T15:26:43+00:00",
      "generator": {
        "date": "2025-09-25T15:26:43+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.8"
        }
      },
      "id": "RHSA-2025:8147",
      "initial_release_date": "2025-05-26T14:48:16+00:00",
      "revision_history": [
        {
          "date": "2025-05-26T14:48:16+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-05-26T14:48:16+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-09-25T15:26:43+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "AMQ Broker 7.13.0.OPR.1.GA",
                "product": {
                  "name": "AMQ Broker 7.13.0.OPR.1.GA",
                  "product_id": "AMQ Broker 7.13.0.OPR.1.GA",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhosemc:1.0::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-4057",
      "cwe": {
        "id": "CWE-1391",
        "name": "Use of Weak Credentials"
      },
      "discovery_date": "2025-04-29T02:06:56.641000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2362827"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AMQ Broker 7.13.0.OPR.1.GA"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-4057"
        },
        {
          "category": "external",
          "summary": "RHBZ#2362827",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362827"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-4057",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-4057"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4057",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4057"
        },
        {
          "category": "external",
          "summary": "https://github.com/arkmq-org/activemq-artemis-operator/commit/d3482fab6d0060794226c9e5a6fa67d209abc35a",
          "url": "https://github.com/arkmq-org/activemq-artemis-operator/commit/d3482fab6d0060794226c9e5a6fa67d209abc35a"
        },
        {
          "category": "external",
          "summary": "https://github.com/arkmq-org/activemq-artemis-operator/issues/1130",
          "url": "https://github.com/arkmq-org/activemq-artemis-operator/issues/1130"
        }
      ],
      "release_date": "2025-05-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-26T14:48:16+00:00",
          "details": "To update to the latest image please refer to the AMQ container images in the Red Hat Container catalog.",
          "product_ids": [
            "AMQ Broker 7.13.0.OPR.1.GA"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:8147"
        },
        {
          "category": "workaround",
          "details": "Currently, no mitigation is available for this vulnerability.",
          "product_ids": [
            "AMQ Broker 7.13.0.OPR.1.GA"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "AMQ Broker 7.13.0.OPR.1.GA"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse"
    }
  ]
}

rhsa-2025:12355

Vulnerability from csaf_redhat

Published

2025-07-31 11:18

Modified

2025-09-25 15:15

Summary

Red Hat Security Advisory: AMQ Broker 7.12.5.OPR.1.GA Container Images release and security update

Notes

Topic

This is the multiarch release of the AMQ Broker 7.12.5 aligned Operator and associated container images on Red Hat Enterprise Linux for the OpenShift Container Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat Middleware for OpenShift provides images for many of the Red Hat Middleware products for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments. This release of Red Hat AMQ Broker 7.12.5 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Security Fix(es): * (CVE-2025-4057) activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. For information on supported configurations, see Red Hat AMQ Broker 7 Supported Configurations at https://access.redhat.com/articles/2791941

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "This is the multiarch release of the AMQ Broker 7.12.5 aligned Operator and associated container images on Red Hat Enterprise Linux for the OpenShift Container Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Middleware for OpenShift provides images for many of the Red Hat Middleware products for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments.\n\nThis release of Red Hat AMQ Broker 7.12.5 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* (CVE-2025-4057) activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nFor information on supported configurations, see Red Hat AMQ Broker 7 Supported Configurations at https://access.redhat.com/articles/2791941",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:12355",
        "url": "https://access.redhat.com/errata/RHSA-2025:12355"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification#moderate",
        "url": "https://access.redhat.com/security/updates/classification#moderate"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_amq_broker/",
        "url": "https://docs.redhat.com/en/documentation/red_hat_amq_broker/"
      },
      {
        "category": "external",
        "summary": "2362827",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362827"
      },
      {
        "category": "external",
        "summary": "ENTMQBR-9820",
        "url": "https://issues.redhat.com/browse/ENTMQBR-9820"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12355.json"
      }
    ],
    "title": "Red Hat Security Advisory: AMQ Broker 7.12.5.OPR.1.GA Container Images release and security update",
    "tracking": {
      "current_release_date": "2025-09-25T15:15:09+00:00",
      "generator": {
        "date": "2025-09-25T15:15:09+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.8"
        }
      },
      "id": "RHSA-2025:12355",
      "initial_release_date": "2025-07-31T11:18:34+00:00",
      "revision_history": [
        {
          "date": "2025-07-31T11:18:34+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-07-31T11:18:34+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-09-25T15:15:09+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Middleware Containers for OpenShift",
                "product": {
                  "name": "Middleware Containers for OpenShift",
                  "product_id": "8Base-RHOSE-Middleware",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhosemc:1.0::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
                "product": {
                  "name": "amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
                  "product_id": "amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974?arch=arm64\u0026repository_url=registry.redhat.io/amq7/amq-broker-init-rhel8\u0026tag=7.12.5-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
                "product": {
                  "name": "amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
                  "product_id": "amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13?arch=arm64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8\u0026tag=7.12.5-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
                "product": {
                  "name": "amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
                  "product_id": "amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9?arch=arm64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8-operator\u0026tag=7.12.5-2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
                "product": {
                  "name": "amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
                  "product_id": "amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7?arch=amd64\u0026repository_url=registry.redhat.io/amq7/amq-broker-init-rhel8\u0026tag=7.12.5-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
                "product": {
                  "name": "amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
                  "product_id": "amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a?arch=amd64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8\u0026tag=7.12.5-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
                "product": {
                  "name": "amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
                  "product_id": "amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6?arch=amd64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8-operator-bundle\u0026tag=7.12.5-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
                "product": {
                  "name": "amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
                  "product_id": "amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6?arch=amd64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8-operator\u0026tag=7.12.5-2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
                "product": {
                  "name": "amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
                  "product_id": "amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9?arch=ppc64le\u0026repository_url=registry.redhat.io/amq7/amq-broker-init-rhel8\u0026tag=7.12.5-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le",
                "product": {
                  "name": "amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le",
                  "product_id": "amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191?arch=ppc64le\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8\u0026tag=7.12.5-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
                "product": {
                  "name": "amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
                  "product_id": "amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e?arch=ppc64le\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8-operator\u0026tag=7.12.5-2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
                "product": {
                  "name": "amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
                  "product_id": "amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d?arch=s390x\u0026repository_url=registry.redhat.io/amq7/amq-broker-init-rhel8\u0026tag=7.12.5-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
                "product": {
                  "name": "amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
                  "product_id": "amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981?arch=s390x\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8\u0026tag=7.12.5-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
                "product": {
                  "name": "amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
                  "product_id": "amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558?arch=s390x\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8-operator\u0026tag=7.12.5-2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x"
        },
        "product_reference": "amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64 as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64"
        },
        "product_reference": "amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64 as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64"
        },
        "product_reference": "amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le"
        },
        "product_reference": "amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64 as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64"
        },
        "product_reference": "amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64 as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64"
        },
        "product_reference": "amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x"
        },
        "product_reference": "amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le"
        },
        "product_reference": "amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64 as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64"
        },
        "product_reference": "amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x"
        },
        "product_reference": "amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64 as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64"
        },
        "product_reference": "amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64 as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64"
        },
        "product_reference": "amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le"
        },
        "product_reference": "amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-4057",
      "cwe": {
        "id": "CWE-1391",
        "name": "Use of Weak Credentials"
      },
      "discovery_date": "2025-04-29T02:06:56.641000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2362827"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
          "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
          "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
          "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
          "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
          "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
          "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
          "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
          "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
          "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
          "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
          "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
          "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-4057"
        },
        {
          "category": "external",
          "summary": "RHBZ#2362827",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362827"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-4057",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-4057"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4057",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4057"
        },
        {
          "category": "external",
          "summary": "https://github.com/arkmq-org/activemq-artemis-operator/commit/d3482fab6d0060794226c9e5a6fa67d209abc35a",
          "url": "https://github.com/arkmq-org/activemq-artemis-operator/commit/d3482fab6d0060794226c9e5a6fa67d209abc35a"
        },
        {
          "category": "external",
          "summary": "https://github.com/arkmq-org/activemq-artemis-operator/issues/1130",
          "url": "https://github.com/arkmq-org/activemq-artemis-operator/issues/1130"
        }
      ],
      "release_date": "2025-05-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-07-31T11:18:34+00:00",
          "details": "To update to the latest image please refer to the AMQ container images in the Red Hat Container catalog.",
          "product_ids": [
            "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
            "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:12355"
        },
        {
          "category": "workaround",
          "details": "Currently, no mitigation is available for this vulnerability.",
          "product_ids": [
            "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
            "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
            "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
            "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse"
    }
  ]
}

rhsa-2025:12473

Vulnerability from csaf_redhat

Published

2025-07-31 19:38

Modified

2025-09-25 15:15

Summary

Red Hat Security Advisory: Red Hat AMQ Broker 7.12.5 release and security update

Notes

Topic

Red Hat AMQ Broker 7.12.5 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.12.5 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Security Fix(es): * (CVE-2025-4057) activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat AMQ Broker 7.12.5 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.\n\nThis release of Red Hat AMQ Broker 7.12.5 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* (CVE-2025-4057) activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:12473",
        "url": "https://access.redhat.com/errata/RHSA-2025:12473"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification#moderate",
        "url": "https://access.redhat.com/security/updates/classification#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.12.5",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.12.5"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_amq_broker/7.12",
        "url": "https://docs.redhat.com/en/documentation/red_hat_amq_broker/7.12"
      },
      {
        "category": "external",
        "summary": "2362827",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362827"
      },
      {
        "category": "external",
        "summary": "ENTMQBR-9820",
        "url": "https://issues.redhat.com/browse/ENTMQBR-9820"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12473.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat AMQ Broker 7.12.5 release and security update",
    "tracking": {
      "current_release_date": "2025-09-25T15:15:20+00:00",
      "generator": {
        "date": "2025-09-25T15:15:20+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.8"
        }
      },
      "id": "RHSA-2025:12473",
      "initial_release_date": "2025-07-31T19:38:17+00:00",
      "revision_history": [
        {
          "date": "2025-07-31T19:38:17+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-07-31T19:38:17+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-09-25T15:15:20+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat AMQ Broker 7.12.5",
                "product": {
                  "name": "Red Hat AMQ Broker 7.12.5",
                  "product_id": "Red Hat AMQ Broker 7.12.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:amq_broker:7.12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss AMQ"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-4057",
      "cwe": {
        "id": "CWE-1391",
        "name": "Use of Weak Credentials"
      },
      "discovery_date": "2025-04-29T02:06:56.641000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2362827"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Broker 7.12.5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-4057"
        },
        {
          "category": "external",
          "summary": "RHBZ#2362827",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362827"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-4057",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-4057"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4057",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4057"
        },
        {
          "category": "external",
          "summary": "https://github.com/arkmq-org/activemq-artemis-operator/commit/d3482fab6d0060794226c9e5a6fa67d209abc35a",
          "url": "https://github.com/arkmq-org/activemq-artemis-operator/commit/d3482fab6d0060794226c9e5a6fa67d209abc35a"
        },
        {
          "category": "external",
          "summary": "https://github.com/arkmq-org/activemq-artemis-operator/issues/1130",
          "url": "https://github.com/arkmq-org/activemq-artemis-operator/issues/1130"
        }
      ],
      "release_date": "2025-05-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-07-31T19:38:17+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat AMQ Broker 7.12.5"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:12473"
        },
        {
          "category": "workaround",
          "details": "Currently, no mitigation is available for this vulnerability.",
          "product_ids": [
            "Red Hat AMQ Broker 7.12.5"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Broker 7.12.5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse"
    }
  ]
}

fkie_cve-2025-4057

Vulnerability from fkie_nvd

Published

2025-05-26 10:15

Modified

2025-07-31 20:15

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies.

References

	URL	Tags
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2025:12355
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2025:12473
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2025:8147
	secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2025-4057
	secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=2362827
	secalert@redhat.com	https://github.com/arkmq-org/activemq-artemis-operator/commit/d3482fab6d0060794226c9e5a6fa67d209abc35a
	secalert@redhat.com	https://github.com/arkmq-org/activemq-artemis-operator/issues/1130

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies."
    },
    {
      "lang": "es",
      "value": "Se detect\u00f3 una falla en ActiveMQ Artemis. La contrase\u00f1a generada por activemq-artemis-operator no se regenera entre dependencias CR separadas."
    }
  ],
  "id": "CVE-2025-4057",
  "lastModified": "2025-07-31T20:15:43.123",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-05-26T10:15:21.437",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:12355"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:12473"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:8147"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2025-4057"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362827"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/arkmq-org/activemq-artemis-operator/commit/d3482fab6d0060794226c9e5a6fa67d209abc35a"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/arkmq-org/activemq-artemis-operator/issues/1130"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1391"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}

ghsa-q5q7-8x6x-hcg2

Vulnerability from github

Published

2025-05-26 12:30

Modified

2025-07-31 21:31

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

ActiveMQ Artemis AMQ Broker Operator Starting Credentials Reuse

Details

A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/arkmq-org/activemq-artemis-operator"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.0.0-20250418141202-b262048e6a75"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-4057"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1391"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-05-27T22:50:22Z",
    "nvd_published_at": "2025-05-26T10:15:21Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies.",
  "id": "GHSA-q5q7-8x6x-hcg2",
  "modified": "2025-07-31T21:31:32Z",
  "published": "2025-05-26T12:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4057"
    },
    {
      "type": "WEB",
      "url": "https://github.com/arkmq-org/activemq-artemis-operator/issues/1130"
    },
    {
      "type": "WEB",
      "url": "https://github.com/arkmq-org/activemq-artemis-operator/commit/d3482fab6d0060794226c9e5a6fa67d209abc35a"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:12355"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:12473"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:8147"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2025-4057"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362827"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/arkmq-org/activemq-artemis-operator"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "ActiveMQ Artemis AMQ Broker Operator Starting Credentials Reuse"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-4057 (GCVE-0-2025-4057)

Vulnerability from cvelistv5

wid-sec-w-2025-1147

Vulnerability from csaf_certbund

opensuse-su-2025:15188-1

Vulnerability from csaf_opensuse

rhsa-2025:8147

Vulnerability from csaf_redhat

rhsa-2025:12355

Vulnerability from csaf_redhat

rhsa-2025:12473

Vulnerability from csaf_redhat

fkie_cve-2025-4057

Vulnerability from fkie_nvd

ghsa-q5q7-8x6x-hcg2

Vulnerability from github

Tags

Sightings

Nomenclature