Moderate severityNVD Advisory· Published Apr 21, 2013· Updated Jun 16, 2026
CVE-2013-3060
CVE-2013-3060
Description
The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.activemq:activemq-clientMaven | < 5.8.0 | 5.8.0 |
Affected products
21cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*+ 19 more
- cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*range: <=5.7.0
- cpe:2.3:a:apache:activemq:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.0:m4:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
13- github.com/advisories/GHSA-p358-58jj-hp65ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2013-3060ghsaADVISORY
- activemq.2283324.n4.nabble.com/DISCUSS-ActiveMQ-out-of-the-box-Should-not-include-the-demos-tc4658044.htmlnvdWEB
- activemq.apache.org/activemq-580-release.htmlnvdWEB
- rhn.redhat.com/errata/RHSA-2013-1029.htmlnvdWEB
- rhn.redhat.com/errata/RHSA-2013-1221.htmlnvdWEB
- fisheye6.atlassian.com/changelog/activemqnvdWEB
- github.com/apache/activemq/commit/22bc55b9487df98a3c3cb04f99f4618fcba364feghsaWEB
- github.com/apache/activemq/commit/437ea2f6e58d18837ae0e68dcd2fdadc1fff3723ghsaWEB
- github.com/apache/activemq/commit/ced33d2551a040813cb40bd6d36fdd322034fa73ghsaWEB
- issues.apache.org/jira/browse/AMQ-4124nvdWEB
- issues.apache.org/jira/secure/ReleaseNote.jspanvdWEB
- www.securityfocus.com/bid/59402nvd
News mentions
0No linked articles in our index yet.