CVE-2020-14348 Vulnerability Details

  /     /     /  

CVE-2020-14348 Metadata Quick Info

CVE Published: 16/09/2020 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: redhat | Vendor: n/a | Product: AMQ
Status : PUBLISHED

---

CVE-2020-14348 Description

It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user\'s AddressSpace configuration of the user namespace puts AMQ Online in an inconsistent state, where the AMQ Online components do not operate properly, such as the failure of provisioning and the failure of creating addresses, though this does not impact upon already existing messaging clients or brokers.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-248
CWE Name: CWE-248
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).