CVE-2021-26117

CVE-2021-26117

The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users password in error, resulting in no check on the password.

Source: CVE-2021-26117

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다