CVE-2015-7559 vulnerability in Apache and Other Products
Published on August 1, 2019
It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.
Weakness Type
Missing Authentication for Critical Function
The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Products Associated with CVE-2015-7559
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2015-7559 are published in these products:
Affected Versions
Apache ActiveMQ Version 5.15.5 is affected by CVE-2015-7559Exploit Probability
EPSS
0.08%
Percentile
24.03%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.