CyberRota
← Ana sayfaya dön

CVE-2026-49877

HIGH · CVSS 8.1

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-30T11:16:29.503 · Çekilme zamanı: 2026-06-30T18:37:36.029581+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-49877
Severity
HIGH
CVSS
8.1
EPSS
Yok
Apache

Orijinal NVD Açıklaması

Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can access /admin/* paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to only admins. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.