Unauthorized broker instantiation via improper input validation in LDAP en…
Summary
Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used to fetch an attacker URL and spawn a second BrokerService inside the same JVM. This issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue. A flaw was found in Apache ActiveMQ. An attacker with privileges to publish or modify entries in Lightweight Directory Access Protocol (LDAP) can exploit an improper input validation vulnerability. This allows the attacker to instantiate denied transports within the broker's Java Virtual Machine (JVM). Consequently, this can be used to fetch an attacker-controlled URL and launch an additional BrokerService within the same JVM, potentially leading to a denial of service or further system compromise. Red Hat products ship Apache ActiveMQ Classic components as transitive dependencies. The vulnerability is in the LdapNetworkConnector feature specific to Classic ActiveMQ, which allows an attacker with LDAP write access to instantiate denied transports and spawn a rogue broker. This feature is not configured or used in any Red Hat product deployment. Red Hat AMQ Broker is based on Apache ActiveMQ Artemis, a separate codebase that does not include the LdapNetworkConnector. Red Hat severity: Important — CVSS 7.6 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H). Weakness: CWE-90. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships.
Mitigation checklist
- Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Official advisory · high-confidence parse· fetched 5 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.