Moderate severityNVD Advisory· Published Jan 5, 2012· Updated Jun 16, 2026
CVE-2011-4905
CVE-2011-4905
Description
Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.activemq:activemq-coreMaven | < 5.6.0 | 5.6.0 |
Affected products
33cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*+ 31 more
- cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*range: <=5.5.1
- cpe:2.3:a:apache:activemq:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.0:m4:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
13- issues.apache.org/jira/browse/AMQ-3294nvdExploitWEB
- secunia.com/advisories/47112nvdVendor Advisory
- github.com/advisories/GHSA-9wcx-326r-7j7wghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2011-4905ghsaADVISORY
- openwall.com/lists/oss-security/2011/12/25/2nvdWEB
- openwall.com/lists/oss-security/2011/12/25/6nvdWEB
- svn.apache.org/viewvcnvdWEB
- svn.apache.org/viewvcnvdWEB
- github.com/apache/activemq/commit/3a71f8e33d0309cb0ca5b5758a8f251da205e757ghsaWEB
- github.com/apache/activemq/commit/9df9d3e89140b7329654ad5675259ec6f0c4b3a7ghsaWEB
- github.com/apache/activemq/commit/da7f9962c640666a743675085922bf75a656f81bghsaWEB
- issues.apache.org/jira/browse/AMQ-1928ghsaWEB
- www.securityfocus.com/bid/50904nvd
News mentions
0No linked articles in our index yet.