7.5
CVE-2014-3576
- EPSS 12.79%
- Veröffentlicht 14.08.2015 18:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Oracle ≫ Business Intelligence Publisher Version12.2.1.0.0
Oracle ≫ Fusion Middleware Version8.1
Oracle ≫ Fusion Middleware Version9.0
Oracle ≫ Fusion Middleware Version11.1.1.7.4
Oracle ≫ Fusion Middleware Version12.1.3.0.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 12.79% | 0.958 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.securitytracker.com/id/1033898
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
http://activemq.2283324.n4.nabble.com/About-CVE-2014-3576-tp4699628.html
http://packetstormsecurity.com/files/134274/Apache-ActiveMQ-5.10.1-Denial-Of-Service.html
http://www.debian.org/security/2015/dsa-3330
http://www.securityfocus.com/archive/1/536862/100/0/threaded
http://www.securityfocus.com/bid/76272
https://github.com/apache/activemq/commit/00921f2