Details
-
Bug
-
Status: Closed
-
Blocker
-
Resolution: Invalid
-
5.15.4
-
None
-
None
Description
CVE-2015-5183 Severity:High CVSS Score: 7.5 (AV:N/AC:L/Au:N/C/I/A)
CWE: CWE-254 Security Features
The Hawtio console in A-MQ does not set HTTPOnly or Secure attributes on cookies.
CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1249182
Vulnerable Software & Versions:
cpe:/a:apache:activemq:-
CVE-2015-5184 Severity:High CVSS Score: 7.5 (AV:N/AC:L/Au:N/C/I/A)
CWE: CWE-254 Security Features
The Hawtio console in A-MQ allows remote attackers to obtain sensitive information and perform other unspecified impact.
CONFIRM - https://bugzilla.redhat.c