A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles.
History

Wed, 11 Sep 2024 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 11 Sep 2024 17:00:00 +0000

Type Values Removed Values Added
Description A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles.
Title ActiveMQ Content Pack: Cleartext Exposure of Credentials
Weaknesses CWE-312
References
Metrics cvssV4_0

{'score': 6, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber'}


cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2024-09-11T16:42:16.113Z

Updated: 2024-09-11T18:24:17.891Z

Reserved: 2024-09-11T08:21:14.668Z

Link: CVE-2024-8689

cve-icon Vulnrichment

Updated: 2024-09-11T18:24:14.316Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-09-11T17:15:14.380

Modified: 2024-09-12T12:35:54.013

Link: CVE-2024-8689

cve-icon Redhat

No data.