Apache ActiveMQ Web Console Default Credentials | Tenable®

Home » Activemq Change Default Password » Apache ActiveMQ Web Console Default Credentials | Tenable®

Maybe your like

  • Tenable
  • Plugins
  • Overview
  • Plugins Pipeline
  • Newest
  • Updated
  • Search
  • Nessus Families
  • WAS Families
  • NNM Families
  • Tenable OT Security Families
  • About Plugin Families
  • Release Notes
  • Audits
  • Overview
  • Newest
  • Updated
  • Search Audit Files
  • Search Items
  • References
  • Authorities
  • Documentation
  • Download All Audit Files
  • Indicators
  • Overview
  • Search
  • Indicators of Attack
  • Indicators of Exposure
  • Release Notes
  • CVEs
  • Overview
  • Newest
  • Updated
  • Search
  • Attack Path Techniques
  • Overview
  • Search
Detections
  • Plugins
  • Overview
  • Plugins Pipeline
  • Release Notes
  • Newest
  • Updated
  • Search
  • Nessus Families
  • WAS Families
  • NNM Families
  • Tenable OT Security Families
  • About Plugin Families
  • Audits
  • Overview
  • Newest
  • Updated
  • Search Audit Files
  • Search Items
  • References
  • Authorities
  • Documentation
  • Download All Audit Files
  • Indicators
  • Overview
  • Search
  • Indicators of Attack
  • Indicators of Exposure
  • Release Notes
Analytics
  • CVEs
  • Overview
  • Newest
  • Updated
  • Search
  • Attack Path Techniques
  • Overview
  • Search
  1. Plugins
  2. Nessus
  3. 81375
  1. Nessus
Apache ActiveMQ Web Console Default Credentials
high Nessus Plugin ID 81375

Language:

English日本語简体中文繁體中文English
  • Information
  • Dependencies
  • Dependents
  • Changelog

Synopsis

A web application administrative console is protected using default credentials.

Description

ActiveMQ Web Console, an administrative interface for Apache ActiveMQ, is protected using default credentials. Note that no authentication mechanism was provided prior to version 5.4.0. However, in version 5.4.0, HTTP Basic Authentication was an option, and starting with version 5.8.0, this was enabled by default.

Solution

Restrict access to ActiveMQ Web Console, using one of the methods described at the referenced URLs, or change the default login credentials.

See Also

http://activemq.apache.org/web-console.html

http://activemq.apache.org/getting-started.html

Plugin Details

Severity: High

ID: 81375

File Name: activemq_web_console_default_creds.nasl

Version: 1.6

Type: remote

Family: CGI abuses

Published: 2/16/2015

Updated: 6/5/2024

Configuration: Enable thorough checks (optional)

Supported Sensors: Nessus

Enable CGI Scanning: true

Risk Information

CVSS Score Rationale: Score based on internal evaluation of the vulnerability by tenable.

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: manual

Vulnerability Information

CPE: cpe:/a:apache:activemq

Required KB Items: installed_sw/Apache ActiveMQ

Excluded KB Items: Settings/disable_cgi_scanning, global_settings/supplied_logins_only

Tag » Activemq Change Default Password