Description
It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7559
https://issues.apache.org/jira/browse/AMQ-6470
Related Vulnerabilities
CVE-2013-4590 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-jasper
CVE-2023-36478 Vulnerability in maven package org.eclipse.jetty:jetty-http
CVE-2023-50730 Vulnerability in maven package org.typelevel:grackle-core_3
CVE-2021-21624 Vulnerability in maven package org.jenkins-ci.plugins:role-strategy