Description
In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.
References (2)
Core 2
Core References
Exploit, Issue Tracking, Mailing List, Third Party Advisory x_refsource_misc
https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20220303-0003/
Scores
CVSS v3
7.5
EPSS
0.0241
EPSS Percentile
85.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-770
Status
published
Products (4)
apache/activemq_artemis
< 2.19.1
netapp/active_iq_unified_manager
netapp/oncommand_workflow_automation
org.apache.activemq/artemis-core-client
0 - 2.19.1Maven
Published
Feb 04, 2022
Tracked Since
Feb 18, 2026