漏洞类别:CGI
漏洞等级: 
漏洞信息
Apache ActiveMQ is an open source message broker written in Java together with a full Java Message Service (JMS) client.
The admin interface of Apache ActiveMQ is accessible using default credentials - admin:admin.
QID Detection Logic:
This QID launches a request directed at the Apache ActiveMQ administration console with default credentials.
漏洞危害
Successfully exploiting this issue may allow attackers to obtain administrative access to the application.
解决方案
Customers are advised to change the default passwords by editing the ${ACTIVEMQ_HOME}/conf/jetty.xml file.
0day
文章评论