Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2015-5182

Published: 25/09/2017 Updated: 13/02/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Amq

Vulnerability Summary

Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

redhat amq -

Vendor Advisories

Red Hat: CVE-2015-5182
It was found that JBoss A-MQ's Jolokia API does not have token or referrer checks, and could possibly allow a cross-site request forgery (CSRF) attack An attacker could use this vulnerability to run application code with the same permissions as an authenticated user ...

References

CWE-352https://bugzilla.redhat.com/show_bug.cgi?id=1248809https://lists.apache.org/thread.html/rb280e767ab199767e07a367f287ba08a9692fa76e2da4a20d50d07c4%40%3Cdev.activemq.apache.org%3Ehttps://lists.apache.org/thread.html/9e3391878c6840b294155f7ba6ccb47586e317f85c1bbd15c4608bd0%40%3Cdev.activemq.apache.org%3Ehttps://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2015-5182
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook