{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-8689", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2024-09-11T08:21:14.668Z", "datePublished": "2024-09-11T16:42:16.113Z", "dateUpdated": "2024-09-11T18:24:17.891Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ActiveMQ Content Pack", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "1.1.15", "status": "unaffected"}], "lessThan": "1.1.15", "status": "affected", "version": "1.1.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Marcel Maeder of Swisscom (Schweiz) AG"}], "datePublic": "2024-09-11T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles."}], "value": "A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.<br>"}], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "impacts": [{"capecId": "CAPEC-37", "descriptions": [{"lang": "en", "value": "CAPEC-37 Retrieve Embedded Sensitive Data"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NO", "Recovery": "AUTOMATIC", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 6, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-312", "description": "CWE-312 Cleartext Storage of Sensitive Information", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2024-09-11T16:42:16.113Z"}, "references": [{"url": "https://security.paloaltonetworks.com/CVE-2024-8689"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "This issue is fixed in ActiveMQ Content Pack 1.1.15 and all later versions. You can download the content pack from <a target=\"_blank\" rel=\"nofollow\" href=\"https://cortex.marketplace.pan.dev/marketplace/details/ActiveMQ/\">https://cortex.marketplace.pan.dev/marketplace/details/ActiveMQ/</a>.<br><br>You should use new ActiveMQ credentials for ActiveMQ integration only after you upgrade it to a fixed version. You should also revoke the previously existing credentials to prevent the misuse of exposed credentials.<br>"}], "value": "This issue is fixed in ActiveMQ Content Pack 1.1.15 and all later versions. You can download the content pack from https://cortex.marketplace.pan.dev/marketplace/details/ActiveMQ/ .\n\nYou should use new ActiveMQ credentials for ActiveMQ integration only after you upgrade it to a fixed version. You should also revoke the previously existing credentials to prevent the misuse of exposed credentials."}], "source": {"defect": ["CRTX-105751"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2024-09-11T16:00:00.000Z", "value": "Initial publication"}], "title": "ActiveMQ Content Pack: Cleartext Exposure of Credentials", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-11T18:23:33.866342Z", "id": "CVE-2024-8689", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T18:24:17.891Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-8689", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-11T18:23:33.866342Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T18:24:14.316Z"}}], "cna": {"title": "ActiveMQ Content Pack: Cleartext Exposure of Credentials", "source": {"defect": ["CRTX-105751"], "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Marcel Maeder of Swisscom (Schweiz) AG"}], "impacts": [{"capecId": "CAPEC-37", "descriptions": [{"lang": "en", "value": "CAPEC-37 Retrieve Embedded Sensitive Data"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "AUTOMATIC", "baseScore": 6, "Automatable": "NO", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber", "providerUrgency": "AMBER", "userInteraction": "PASSIVE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Palo Alto Networks", "product": "ActiveMQ Content Pack", "versions": [{"status": "affected", "changes": [{"at": "1.1.15", "status": "unaffected"}], "version": "1.1.0", "lessThan": "1.1.15", "versionType": "custom"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "supportingMedia": [{"type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.<br>", "base64": false}]}], "timeline": [{"lang": "en", "time": "2024-09-11T16:00:00.000Z", "value": "Initial publication"}], "solutions": [{"lang": "en", "value": "This issue is fixed in ActiveMQ Content Pack 1.1.15 and all later versions. You can download the content pack from https://cortex.marketplace.pan.dev/marketplace/details/ActiveMQ/ .\n\nYou should use new ActiveMQ credentials for ActiveMQ integration only after you upgrade it to a fixed version. You should also revoke the previously existing credentials to prevent the misuse of exposed credentials.", "supportingMedia": [{"type": "text/html", "value": "This issue is fixed in ActiveMQ Content Pack 1.1.15 and all later versions. You can download the content pack from <a target=\"_blank\" rel=\"nofollow\" href=\"https://cortex.marketplace.pan.dev/marketplace/details/ActiveMQ/\">https://cortex.marketplace.pan.dev/marketplace/details/ActiveMQ/</a>.<br><br>You should use new ActiveMQ credentials for ActiveMQ integration only after you upgrade it to a fixed version. You should also revoke the previously existing credentials to prevent the misuse of exposed credentials.<br>", "base64": false}]}], "datePublic": "2024-09-11T16:00:00.000Z", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2024-8689"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles.", "supportingMedia": [{"type": "text/html", "value": "A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-312", "description": "CWE-312 Cleartext Storage of Sensitive Information"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2024-09-11T16:42:16.113Z"}}}, "cveMetadata": {"cveId": "CVE-2024-8689", "state": "PUBLISHED", "dateUpdated": "2024-09-11T18:24:17.891Z", "dateReserved": "2024-09-11T08:21:14.668Z", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "datePublished": "2024-09-11T16:42:16.113Z", "assignerShortName": "palo_alto"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles."}, {"lang": "es", "value": "Un problema con la integraci\u00f3n de ActiveMQ tanto para Cortex XSOAR como para Cortex XSIAM puede provocar la exposici\u00f3n de texto plano de las credenciales de ActiveMQ configuradas en paquetes de registros."}], "id": "CVE-2024-8689", "lastModified": "2024-09-12T12:35:54.013", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "automatable": "NO", "availabilityRequirements": "NOT_DEFINED", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "recovery": "AUTOMATIC", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "PASSIVE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Amber", "version": "4.0", "vulnerabilityResponseEffort": "MODERATE", "vulnerableSystemAvailability": "NONE", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "NONE"}, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2024-09-11T17:15:14.380", "references": [{"source": "psirt@paloaltonetworks.com", "url": "https://security.paloaltonetworks.com/CVE-2024-8689"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-312"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}

{}