Showing 1 - 1 of 1

CVE-2020-14319

Status Candidate

Overview

It was found that the AMQ Online console is vulnerable to a Cross-Site Request Forgery (CSRF) which is exploitable in cases where preflight checks are not instigated or bypassed. For example authorised users using an older browser with Adobe Flash are vulnerable when targeted by an attacker. This flaw affects all versions of AMQ-Online prior to 1.5.2 and Enmasse versions 0.31.0-rc1 up until but not including 0.32.2.

Related Files

Red Hat Security Advisory 2020-3209-01: Posted Jul 29, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-3209-01 - The release of Red Hat AMQ Online 1.5.2 serves as a replacement for AMQ Online 1.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include XML injection and cross site request forgery vulnerabilities.; tags | advisory, vulnerability, csrf; systems | linux, redhat; advisories | CVE-2020-13692, CVE-2020-14319; SHA-256 | d53f4c95584a5321010758f4597001f52e3b2733be2f86f69434037c5d8129a3; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 134 files
Ubuntu 91 files
indoushka 33 files
Debian 22 files
nu11secur1ty 15 files
Gentoo 13 files
Apple 13 files
Google Security Research 8 files
CraCkEr 6 files
mjurczyk 4 files

File Archives

Systems

AIX (428)
Apple (2,016)
BSD (374)
CentOS (57)
Cisco (1,925)
Debian (6,846)
Fedora (1,692)
FreeBSD (1,245)
Gentoo (4,335)
HPUX (879)
iOS (355)
iPhone (108)
IRIX (220)
Juniper (68)
Linux (46,841)
Mac OS X (687)
Mandriva (3,105)
NetBSD (256)
OpenBSD (485)
RedHat (13,925)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,949)
UNIX (9,317)
UnixWare (186)
Windows (6,590)
Other

CVE-2020-14319

Overview

Related Files

File Archive:

September 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems