Red Hat AMQ Broker
cpe:2.3:a:redhat:amq_broker:*:*:*:*:*:*:*
- < 7.13.0.OPR.1.GA
A vulnerability exists in ActiveMQ Artemis within the AMQ Broker Operator. The issue arises because the operator-generated passwords do not refresh between different Custom Resource (CR) dependencies. This flaw affects several starting credentials, including AMQ_PASSWORD, AMQ_USER, AMQ_CLUSTER_PASSWORD, and AMQ_CLUSTER_USER, which fail to regenerate between separate CR instances.
This vulnerability leads to the reuse of starting credentials, which can create security risks by allowing unauthorized access or actions under the identity of the reused credentials.
Users can update to the latest AMQ Broker version 7.13.0.OPR.1.GA, which addresses this vulnerability. Instructions for updating can be found in the Red Hat AMQ Broker 7 documentation.
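To check whether brokers already deployed share starting credentials, the following added example (not code from Red Hat or the AMQ Broker project) groups Secrets by the hash of each credential value and reports values that appear in more than one Secret. It takes the JSON structure that `kubectl get secrets -A -o json` produces; that the operator stores the credentials under the key names listed above is an assumption, and the Secret names and values in the sample are constructed.

```python
import base64
import hashlib
from collections import defaultdict

# Credential names taken from the advisory text; that the operator stores them
# under these keys in a Secret's data is an assumption of this example.
CREDENTIAL_KEYS = ("AMQ_USER", "AMQ_PASSWORD", "AMQ_CLUSTER_USER", "AMQ_CLUSTER_PASSWORD")


def find_reused_credentials(secret_list):
    """Return {key: [[ns/name, ...], ...]} for values shared by 2+ Secrets."""
    seen = defaultdict(lambda: defaultdict(set))  # key -> digest -> {ns/name}
    for item in secret_list.get("items", []):
        meta = item.get("metadata", {})
        ident = f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}"
        for key in CREDENTIAL_KEYS:
            encoded = (item.get("data") or {}).get(key)
            if not encoded:
                continue
            # Secret data is base64; compare digests so plaintext is never kept or printed.
            digest = hashlib.sha256(base64.b64decode(encoded)).hexdigest()
            seen[key][digest].add(ident)
    reused = {}
    for key, by_digest in seen.items():
        groups = sorted(sorted(ids) for ids in by_digest.values() if len(ids) > 1)
        if groups:
            reused[key] = groups
    return reused


def make_secret(namespace, name, **creds):
    """Build a constructed Secret object shaped like kubectl's JSON output."""
    data = {k: base64.b64encode(v.encode()).decode() for k, v in creds.items()}
    return {"kind": "Secret", "metadata": {"namespace": namespace, "name": name}, "data": data}


# Constructed sample: two broker CRs got identical generated values, a third did not.
SAMPLE = {"kind": "List", "items": [
    make_secret("team-a", "broker-a-creds", AMQ_USER="u1Xq", AMQ_PASSWORD="pW9zLk",
                AMQ_CLUSTER_USER="cU77", AMQ_CLUSTER_PASSWORD="cP42xx"),
    make_secret("team-b", "broker-b-creds", AMQ_USER="u1Xq", AMQ_PASSWORD="pW9zLk",
                AMQ_CLUSTER_USER="cU77", AMQ_CLUSTER_PASSWORD="cP42xx"),
    make_secret("team-c", "broker-c-creds", AMQ_USER="zz01", AMQ_PASSWORD="Qr8mN2",
                AMQ_CLUSTER_USER="yy02", AMQ_CLUSTER_PASSWORD="Tt5vB9"),
]}

if __name__ == "__main__":
    for key, groups in find_reused_credentials(SAMPLE).items():
        for group in groups:
            print(f"{key} shared by: {', '.join(group)}")
```

A shared user name can be intentional when it was set explicitly in the CR, so a match on the password keys is the stronger signal of reuse.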