https://bugzilla.redhat.com/show_bug.cgi?id=1858946
Bug ID: 1858946
Summary: CVE-2020-13932 activemq: remote XSS in web console diagram plugin
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team@redhat.com
Reporter: gsuckevi@redhat.com
CC: aboyko@redhat.com, aileenc@redhat.com, akoufoud@redhat.com, alazarot@redhat.com, almorale@redhat.com, anstephe@redhat.com, asoldano@redhat.com, atangrin@redhat.com, ataylor@redhat.com, bbaranow@redhat.com, bmaxwell@redhat.com, brian.stansberry@redhat.com, cdewolf@redhat.com, chazlett@redhat.com, darran.lofthouse@redhat.com, dblechte@redhat.com, dfediuck@redhat.com, dkreling@redhat.com, dosoudil@redhat.com, drieden@redhat.com, eedri@redhat.com, etirelli@redhat.com, extras-orphan@fedoraproject.org, ganandan@redhat.com, ggaughan@redhat.com, gmalinko@redhat.com, gvarsami@redhat.com, ibek@redhat.com, iweiss@redhat.com, janstey@redhat.com, java-sig-commits@lists.fedoraproject.org, jawilson@redhat.com, jcoleman@redhat.com, jochrist@redhat.com, jperkins@redhat.com, jstastny@redhat.com, jwon@redhat.com, kconner@redhat.com, krathod@redhat.com, kverlaen@redhat.com, kwills@redhat.com, ldimaggi@redhat.com, lef@fedoraproject.org, lgao@redhat.com, mgoldboi@redhat.com, michal.skrivanek@redhat.com, mnovotny@redhat.com, msochure@redhat.com, msvehla@redhat.com, nwallace@redhat.com, paradhya@redhat.com, pdrozd@redhat.com, pjindal@redhat.com, pmackay@redhat.com, psotirop@redhat.com, puntogil@libero.it, rguimara@redhat.com, rrajasek@redhat.com, rstancel@redhat.com, rsvoboda@redhat.com, rsynek@redhat.com, rwagner@redhat.com, sbonazzo@redhat.com, sdaley@redhat.com, sherold@redhat.com, smaestri@redhat.com, sthorger@redhat.com, tcunning@redhat.com, tkirby@redhat.com, tom.jenkinson@redhat.com, yturgema@redhat.com
Target Milestone: ---
Classification: Other
A specially crafted MQTT packet whose client-id or topic name contains an XSS payload can exploit this vulnerability. The payload is injected into the admin console's browser and is triggered in the diagram plugin, in the queue node and in the info section.
Reference: https://activemq.apache.org/security-advisories.data/CVE-2020-13932-announce...
Guilherme de Almeida Suckevicz gsuckevi@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Blocks          |        |1858947
Paramvir jindal pjindal@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Fixed In Version|        |Apache ActiveMQ Artemis 2.14.0
--- Comment #7 from Jonathan Christison jochrist@redhat.com --- Marking Fuse 7 as Not Affected, it does not ship or use the org.apache.activemq:artemis-plugin:war:* artifact
--- Comment #10 from errata-xmlrpc errata-xmlrpc@redhat.com --- This issue has been addressed in the following products:
Red Hat AMQ
Via RHSA-2020:5365 https://access.redhat.com/errata/RHSA-2020:5365
errata-xmlrpc errata-xmlrpc@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Link ID         |        |Red Hat Product Errata RHSA-2020:5365
Product Security DevOps Team prodsec-dev@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Status          |NEW     |CLOSED
Resolution      |---     |ERRATA
Last Closed     |        |2020-12-08 11:02:41
--- Comment #11 from Product Security DevOps Team prodsec-dev@redhat.com --- This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat.com/security/cve/cve-2020-13932
--- Doc Text *updated* by Eric Christensen sparks@redhat.com --- A flaw was found in activemq. A specially crafted MQTT packet whose client-id or topic name contains an XSS payload can exploit this vulnerability. The payload is injected into the admin console's browser and is triggered in the diagram plugin, in the queue node and in the info section.