Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1yOXZ2LXhqNHctZzhtOM3zOw

Apache ActiveMQ Artemis RCE Via Deserialization Gadget Chain

The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget classes being present on the Artemis classpath.

Permalink: https://github.com/advisories/GHSA-r9vv-xj4w-g8m8
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1yOXZ2LXhqNHctZzhtOM3zOw
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: over 2 years ago
Updated: about 1 year ago


CVSS Score: 7.2
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Identifiers: GHSA-r9vv-xj4w-g8m8, CVE-2016-4978
References: Blast Radius: 2.2

Affected Packages

maven:org.apache.activemq:artemis-pom
Dependent packages: 0
Dependent repositories: 2
Downloads:
Affected Version Ranges: < 1.4.0
Fixed in: 1.4.0
All affected versions: 1.0.0, 1.1.0, 1.2.0, 1.3.0
All unaffected versions: 1.4.0, 1.5.0, 1.5.1, 1.5.2, 1.5.3, 1.5.4, 1.5.5, 1.5.6, 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.4.0, 2.5.0, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.7.0, 2.8.0, 2.8.1, 2.9.0, 2.10.0, 2.10.1, 2.11.0, 2.12.0, 2.13.0, 2.14.0, 2.15.0, 2.16.0, 2.17.0, 2.18.0, 2.19.0, 2.19.1, 2.20.0, 2.21.0, 2.22.0, 2.23.0, 2.23.1, 2.24.0, 2.25.0, 2.26.0, 2.27.0, 2.27.1, 2.28.0, 2.29.0, 2.30.0, 2.31.0, 2.31.1, 2.31.2, 2.32.0, 2.33.0, 2.34.0, 2.35.0, 2.36.0, 2.37.0, 2.38.0