CVE-2017-15709 - Information Leak | |
Severity: Low | |
Vendor: | |
The Apache Software Foundation | |
Versions Affected: | |
Apache ActiveMQ 5.14.0 - 5.15.2 | |
Description: | |
When using the OpenWire protocol it was found that certain system details (such as the OS and kernel version) are exposed as plain text. | |
Mitigation: | |
Use a TLS enabled transport or upgrade to Apache ActiveMQ 5.15.3. | |
Credit: | |
This issue was discovered by QingTeng cloud Security of Minded Security Researcher jianan.huang |