CVE-2020-14348

Published: Sep 16, 2020Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user's AddressSpace configuration of the user namespace puts AMQ Online in an inconsistent state, where the AMQ Online components do not operate properly, such as the failure of provisioning and the failure of creating addresses, though this does not impact upon already existing messaging clients or brokers.

Affected (1)

Products: Redhat: Amq Online

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Amq Online	Before 1.5.2

Related CWEs

Uncaught Exception

An exception is thrown from a function, but it is not caught.

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (2)

https://bugzilla.redhat.com/show_bug.cgi?id=1861814

Source: secalert@redhat.com

Issue Tracking

https://bugzilla.redhat.com/show_bug.cgi?id=1861814

Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking

Timeline

No history available yet.