
CVE-2014-3576: Improper Neutralization of Special Elements used in an OS Command in Apache ActiveMQ

CVSS Score (CVSS 3.0): 7.5

Basic Information

EPSS Score
0.94316%
Published
5/14/2022
Updated
12/20/2023
KEV Status
No
Technology
Java

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Package Name                          Ecosystem   Vulnerable Versions   First Patched Version
org.apache.activemq:activemq-client   maven       < 5.11.0              5.11.0

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability stems from code in processControlCommand that the fixing commit removed: it checked for a 'shutdown' control command and called System.exit(0). Because the check ran on a command received over the wire, any unauthenticated remote client could send a shutdown command and terminate the broker process. The function's direct handling of the shutdown command, with no authentication or authorization in the path, constitutes the vulnerability.
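The pattern described above, reduced to a self-contained illustration (added here; this is not ActiveMQ's source, and ControlCommand, the handler names and the logger are stand-ins): the vulnerable handler lets a client-supplied string reach System.exit, while the hardened handler, following the upstream approach of dropping that code path, treats the string as data only, records the attempt for operators, and leaves process lifecycle to an authenticated management interface.

```java
import java.util.logging.Logger;

public final class ControlCommandHandling {
    private static final Logger LOG = Logger.getLogger(ControlCommandHandling.class.getName());

    /** Stand-in for a broker control command; the string comes from the remote peer. */
    public static final class ControlCommand {
        private final String command;
        public ControlCommand(String command) { this.command = command; }
        public String getCommand() { return command; }
    }

    /** Outcome of handling a control command, so callers and tests can observe it. */
    public enum Outcome { IGNORED, REJECTED }

    /**
     * Vulnerable shape (simplified reconstruction of the flaw described in the analysis):
     * a comparison against an unauthenticated, network-supplied string decides whether
     * the whole JVM, and therefore the broker, exits. No caller identity is consulted.
     */
    public static Outcome processControlCommandVulnerable(ControlCommand cmd) {
        String control = cmd.getCommand();
        if (control != null && control.equals("shutdown")) {
            System.exit(0); // denial of service: any connected client can trigger this
        }
        return Outcome.IGNORED;
    }

    /**
     * Hardened shape: the wire protocol never maps to process termination. An unexpected
     * control value is logged (a useful detection signal for a probing client) and
     * rejected; legitimate shutdown goes through the broker's authenticated admin path.
     */
    public static Outcome processControlCommandFixed(ControlCommand cmd) {
        String control = cmd.getCommand();
        if (control != null && control.equals("shutdown")) {
            LOG.warning("Rejected remote 'shutdown' control command; not honoured over the wire");
            return Outcome.REJECTED;
        }
        return Outcome.IGNORED;
    }

    public static void main(String[] args) {
        // Constructed sample input: the same command string a remote peer could send.
        ControlCommand remote = new ControlCommand("shutdown");
        System.out.println(processControlCommandFixed(remote)); // REJECTED, process keeps running
    }
}
```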


WAF Protection Rules

WAF Rule

The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command.
