Fuse Mq Enterprise CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2013-3060	2 Apache, Redhat	3 Activemq, Fuse Message Broker, Fuse Mq Enterprise	2025-04-11	N/A
The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.
CVE-2012-6551	2 Apache, Redhat	2 Activemq, Fuse Mq Enterprise	2025-04-11	N/A
The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests.
CVE-2011-4461	3 Mortbay, Oracle, Redhat	5 Jetty, Sun Storage Common Array Manager, Fuse Esb Enterprise and 2 more	2025-04-11	N/A
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.

« first previous Page 2 of 2.