English
EN
Français
FR
Language
English
EN
Français
FR

CVE Vulnerabilities

Posts & Pages

No results found for ""

Try different keywords or check spelling

Search in CVE database, posts & pages • Press ESC to close

DNA View

CVE-2013-3060

Low
Low Medium High Critical
CVSS Score
Published: Apr 21, 2013
Last Modified: Apr 11, 2025
CWE: CWE-287

Vulnerability Description

The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.

Known Affected Software

32 configuration(s) from 1 vendor(s)

activemq
Version:
3.2.2
CPE:
cpe:2.3:a:apache:activemq:3.2.2:*:*:*:*:*:*:*
activemq
Version:
4.0.2
CPE:
cpe:2.3:a:apache:activemq:4.0.2:*:*:*:*:*:*:*
activemq
Version:
5.4.2
CPE:
cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:*
activemq
Version:
2.0
CPE:
cpe:2.3:a:apache:activemq:2.0:*:*:*:*:*:*:*
activemq
Version:
3.0
CPE:
cpe:2.3:a:apache:activemq:3.0:*:*:*:*:*:*:*
activemq
Version:
5.3.0
CPE:
cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
activemq
Version:
1.5
CPE:
cpe:2.3:a:apache:activemq:1.5:*:*:*:*:*:*:*
activemq
Version:
5.4.3
CPE:
cpe:2.3:a:apache:activemq:5.4.3:*:*:*:*:*:*:*
activemq
Version:
5.0.0
CPE:
cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*
activemq
Version:
3.2
CPE:
cpe:2.3:a:apache:activemq:3.2:*:*:*:*:*:*:*
activemq
Version:
5.3.2
CPE:
cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
activemq
Version:
4.1.2
CPE:
cpe:2.3:a:apache:activemq:4.1.2:*:*:*:*:*:*:*
activemq
Version:
3.1
CPE:
cpe:2.3:a:apache:activemq:3.1:*:*:*:*:*:*:*
activemq
Version:
1.3
CPE:
cpe:2.3:a:apache:activemq:1.3:*:*:*:*:*:*:*
activemq
Version:
4.0
CPE:
cpe:2.3:a:apache:activemq:4.0:*:*:*:*:*:*:*
activemq
Version:
5.4.1
CPE:
cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
activemq
Version:
5.2.0
CPE:
cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
activemq
Version:
5.3.1
CPE:
cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
activemq
Version:
5.7.0
CPE:
cpe:2.3:a:apache:activemq:5.7.0:*:*:*:*:*:*:*
activemq
Version:
1.1
CPE:
cpe:2.3:a:apache:activemq:1.1:*:*:*:*:*:*:*
activemq
Version:
1.4
CPE:
cpe:2.3:a:apache:activemq:1.4:*:*:*:*:*:*:*
activemq
Version:
4.0.1
CPE:
cpe:2.3:a:apache:activemq:4.0.1:*:*:*:*:*:*:*
activemq
Version:
3.2.1
CPE:
cpe:2.3:a:apache:activemq:3.2.1:*:*:*:*:*:*:*
activemq
Version:
1.2
CPE:
cpe:2.3:a:apache:activemq:1.2:*:*:*:*:*:*:*
activemq
Version:
5.1.0
CPE:
cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
activemq
Version:
4.1.0
CPE:
cpe:2.3:a:apache:activemq:4.1.0:*:*:*:*:*:*:*
activemq
Version:
2.1
CPE:
cpe:2.3:a:apache:activemq:2.1:*:*:*:*:*:*:*
activemq
Version:
5.5.1
CPE:
cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
activemq
Version:
5.5.0
CPE:
cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
activemq
Version:
5.4.0
CPE:
cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
activemq
Version:
5.6.0
CPE:
cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
activemq
Version:
4.1.1
CPE:
cpe:2.3:a:apache:activemq:4.1.1:*:*:*:*:*:*:*
This vulnerability affects 32 software configuration(s). Ensure you patch all affected systems.

References & Resources

Severity Details

out of 10.0
Low

Weakness Type (CWE)

CWE-287 Top 25 #10

Improper Authentication

Description
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Exploit Likelihood
High
Typical Severity
High
OWASP Top 10
A07:2021-Identification/Auth Failures
Abstraction Level
Class
View CWE Details on MITRE

Key Information

Published Date
April 21, 2013

External Resources

NIST
NIST NVD
National Vulnerability Database
MT
MITRE CVE
Official CVE record