Medium severity5.5NVD Advisory· Published Jun 26, 2020· Updated Jun 17, 2026
CVE-2020-10727
CVE-2020-10727
Description
A flaw was found in ActiveMQ Artemis management API from version 2.7.0 up until 2.12.0, where a user inadvertently stores passwords in plaintext in the Artemis shadow file (etc/artemis-users.properties file) when executing the resetUsers operation. A local attacker can use this flaw to read the contents of the Artemis shadow file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.activemq:artemis-commonsMaven | >= 2.7.0, < 2.13.0 | 2.13.0 |
Affected products
4- cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
- Range: version 2.7.0 up until 2.12.0
Patches
Vulnerability mechanics
References
6- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryWEB
- github.com/advisories/GHSA-q9g8-9hpp-xc82ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-10727ghsaADVISORY
- security.netapp.com/advisory/ntap-20210827-0001/nvdThird Party Advisory
- issues.redhat.com/browse/ENTMQBR-3435nvdPermissions RequiredWEB
- security.netapp.com/advisory/ntap-20210827-0001ghsaWEB
News mentions
0No linked articles in our index yet.