| CVE-2017-15709 - Information Leak | |
| Severity: Low | |
| Vendor: | |
| The Apache Software Foundation | |
| Versions Affected: | |
| Apache ActiveMQ 5.14.0 - 5.15.2 | |
| Description: | |
| When using the OpenWire protocol it was found that certain system details (such as the OS and kernel version) are exposed as plain text. | |
| Mitigation: | |
| Use a TLS enabled transport or upgrade to Apache ActiveMQ 5.15.3. | |
| Credit: | |
| This issue was discovered by QingTeng cloud Security of Minded Security Researcher jianan.huang |