Apache TomEE Security Bypass Vulnerability.
Apache TomEE is prone to a security bypass vulnerability.
The vulnerability is caused due to a misconfiguring issue when configured with the embedded ActiveMQ broker.
An unauthenticated remote attacker can exploit this vulnerability by sending a specially-crafted request.
However, Successful exploitation can enable an attacker to enable a JMX port on TCP port 1099 without authentication.
|CVSS v3.0 Score||Base Score: 9.8|
|CVSS v2.0 Score||Base Score: 10|
However, Apache has released security updates regarding this vulnerability.
Below are the affected Apache TomEE:
- Apache TomEE 8.0.0-M1 – 8.0.3
- Apache TomEE 7.1.0 – 7.1.3
- Apache TomEE 7.0.0-M1 – 7.0.8
- also, Apache TomEE 1.0.0 – 1.7.5
Importantly, CVE-2020-11969 previously addressed the creation of the JMX management interface, however, the incomplete fix did not cover this edge case.
It is highly recommended to upgrade to the below versions
- Upgrade to TomEE 7.0.9 or later
- Upgrade to TomEE 7.1.4 or later
- Upgrade to TomEE 8.0.4 or later