It was discovered that the ActiveMQ Java message broker performs unsafe deserialisation. For additional information, please refer to the upstream advisory at http://activemq.apache.org/security-advisories.data/CVE-2015-5254-anno uncement.txt.

The version of Oracle Business Intelligence Publisher running on the remote host is 11.1.1.7.x prior to 11.1.1.7.171017 or 11.1.1.9.x prior to 11.1.1.9.171017. It is, therefore, affected by multiple vulnerabilities as noted in the October 2017 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Alvaro Muatoz, Matthias Kaiser and Christian Schneider reports :

JMS Object messages depends on Java Serialization for marshaling/unmashaling of the message payload. There are a couple of places inside the broker where deserialization can occur, like web console or stomp object message transformation. As deserialization of untrusted data can lead to security flaws as demonstrated in various reports, this leaves the broker vulnerable to this attack vector.
Additionally, applications that consume ObjectMessage type of messages can be vulnerable as they deserialize objects on ObjectMessage.getObject() calls.

fix for CVE-2015-5254 (rhbz#1291292,1291293)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Red Hat OpenShift Enterprise release 2.2.9, which fixes several security issues, several bugs, and introduces feature enhancements, is now available.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.

The following security issue is addressed with this release :

It was found that ActiveMQ did not safely handle user-supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the ActiveMQ application. (CVE-2015-5254)

An update for Jenkins Continuous Integration Server that addresses a large number of security issues including XSS, CSRF, information disclosure and code execution have been addressed as well.
(CVE-2015-5317, CVE-2015-5318, CVE-2015-5319, CVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323, CVE-2015-5324, CVE-2015-5325, CVE-2015-5326, CVE-2015-7537, CVE-2015-7538, CVE-2015-7539, CVE-2015-8103)

Space precludes documenting all of the bug fixes in this advisory. See the OpenShift Enterprise Technical Notes, which will be updated shortly for release 2.2.9, for details about these changes :

https://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/ html-single/Technical_Notes/index.html

All OpenShift Enterprise 2 users are advised to upgrade to these updated packages.

The version of Apache ActiveMQ running on the remote host is 5.x prior to 5.13.0. It is, therefore, affected by a remote code execution vulnerability in the broker due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections (ACC) library. An unauthenticated, remote attacker can exploit this to execute arbitrary code on the target host.

Versions of Apache ActiveMQ 5.x prior to 5.13.0 are affected by a remote code execution vulnerability in the broker due to unsafe unserialize calls of unauthenticated Java objects to the Apache Commons Collections (ACC) library. An unauthenticated, remote attacker can exploit this to execute arbitrary code on the target host.

ID	Name	Product	Family	Published	Updated	Severity
90071	Debian DSA-3524-1 : activemq - security update	Nessus	Debian Local Security Checks	3/22/2016	1/11/2021	critical
103936	Oracle Business Intelligence Publisher Multiple Vulnerabilities (October 2017 CPU)	Nessus	Misc.	10/18/2017	4/11/2022	critical
90235	FreeBSD : activemq -- Unsafe deserialization (a258604d-f2aa-11e5-b4a9-ac220bdcec59)	Nessus	FreeBSD Local Security Checks	3/28/2016	1/4/2021	critical
89455	Fedora 23 : activemq-5.6.0-14.fc23 (2015-eefc5a6762)	Nessus	Fedora Local Security Checks	3/4/2016	1/11/2021	critical
89297	Fedora 22 : activemq-5.6.0-14.fc22 (2015-7ca4368b0c)	Nessus	Fedora Local Security Checks	3/4/2016	1/11/2021	critical
119368	RHEL 6 : Red Hat OpenShift Enterprise 2.2.9 (RHSA-2016:0489)	Nessus	Red Hat Local Security Checks	12/4/2018	5/14/2023	critical
87410	Apache ActiveMQ 5.x < 5.13.0 Java Object Deserialization RCE	Nessus	CGI abuses	12/16/2015	4/19/2024	critical
9080	Apache ActiveMQ 5.x < 5.13.0 Java Object Unserialization RCE	Nessus Network Monitor	CGI	2/19/2016	3/6/2019	critical

Detections

Analytics

Plugins Search

critical

critical

critical

critical

critical

critical

critical

critical