Moderate severityNVD Advisory· Published Apr 5, 2010· Updated Jun 16, 2026
CVE-2010-1244
CVE-2010-1244
Description
Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.activemq:activemq-parentMaven | < 5.3.1 | 5.3.1 |
Affected products
24cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*+ 22 more
- cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*range: <=5.3.0
- cpe:2.3:a:apache:activemq:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.0:m4:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
9- activemq.apache.org/activemq-531-release.htmlnvdPatchWEB
- issues.apache.org/activemq/browse/AMQ-2613nvdExploitWEB
- issues.apache.org/activemq/browse/AMQ-2625nvdExploitWEB
- secunia.com/advisories/39223nvdVendor AdvisoryWEB
- github.com/advisories/GHSA-33j4-8vcr-f79vghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2010-1244ghsaADVISORY
- exchange.xforce.ibmcloud.com/vulnerabilities/57398nvdWEB
- github.com/apache/activemq/commit/1f464b9412e1b1c08d40c8ffac40edd52731da48ghsaWEB
- github.com/apache/activemq/commit/f3d4034e2a7cee7b1f88c7e6b0d1d69458e1bcf0ghsaWEB
News mentions
0No linked articles in our index yet.