What is CVE-2015-1830?

CVE-2015-1830 is a vulnerability in Apache Activemq, classified under Path Traversal. Published 2015-08-19.

Is CVE-2015-1830 known to be exploited?

9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Apache Activemq

CVE-2015-1830

Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vecto…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.860 (99.4th percentile) — read the EPSS interpretation.

Affected products

Apache Activemq — versions 5.0.0, 5.1.0, 5.2.0
Microsoft Windows
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

References

secalert@redhat.com (x_refsource_CONFIRM)
76452 (vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_MISC)
secalert@redhat.com (x_refsource_MISC)
1033315 (vdb-entry, x_refsource_SECTRACK)
[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/ (mailing-list, x_refsource_MLIST)
secalert@redhat.com (x_refsource_MISC)

Frequently asked questions

What is CVE-2015-1830?: CVE-2015-1830 is a vulnerability in Apache Activemq, classified under Path Traversal. Published 2015-08-19.
Is CVE-2015-1830 known to be exploited?: 9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.