While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2021-1379 | While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error. |
![]() |
GHSA-q7fr-vqhq-v5xr | Apache ActiveMQ Artemis vulnerable to Improper Access Control |
Fixes
Solution
No solution given by the vendor.
Workaround
Upgrade to Apache ActiveMQ Artemis 2.16.0
References
History
No history.

Status: PUBLISHED
Assigner: apache
Published:
Updated: 2025-02-13T16:27:51.360Z
Reserved: 2021-01-25T00:00:00.000Z
Link: CVE-2021-26118

No data.

Status : Modified
Published: 2021-01-27T19:15:13.780
Modified: 2024-11-21T05:55:54.040
Link: CVE-2021-26118


No data.