SecuritySpace - CVE-2021-26117

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID:	CVE-2021-26117
Description:	The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users password in error, resulting in no check on the password.
Test IDs:	1.3.6.1.4.1.25623.1.0.892583 1.3.6.1.4.1.25623.1.1.1.2.2023.3657 1.3.6.1.4.1.25623.1.0.145275
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2021-26117 https://security.netapp.com/advisory/ntap-20210304-0008/ https://mail-archives.apache.org/mod_mbox/activemq-users/202101.mbox/%3cCAH+vQmMeUEiKN4wYX9nLBbqmFZFPXqajNvBKmzb2V8QZANcSTA@mail.gmail.com%3e https://mail-archives.apache.org/mod_mbox/activemq-users/202101.mbox/%3cCAH+vQmMeUEiKN4wYX9nLBbqmFZFPXqajNvBKmzb2V8QZANcSTA@mail.gmail.com%3e https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://lists.apache.org/thread.html/rffa5cd05d01c4c9853b17f3004d80ea6eb8856c422a8545c5f79b1a6@%3Ccommits.activemq.apache.org%3E https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7@%3Ccommits.activemq.apache.org%3E https://lists.apache.org/thread.html/r70389648227317bdadcdecbd9f238571a6047469d156bd72bb0ca2f7@%3Cgitbox.activemq.apache.org%3E https://lists.apache.org/thread.html/rec93794f8aeddf8a5f1a643d264b4e66b933f06fd72a38f31448f0ac@%3Cgitbox.activemq.apache.org%3E https://lists.apache.org/thread.html/r5899ece90bcae5805ad6142fdb05c58595cff19cb2e98cc58a91f55b@%3Cgitbox.activemq.apache.org%3E https://lists.apache.org/thread.html/raea451de09baed76950d6a60cc4bb1b74476c505e03205a3c68c9808@%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/r110cacfa754471361234965ffe851a046e302ff2693b055f49f47b02@%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/r22cdc0fb45e223ac92bc2ceff7af92f1193dfc614c8b248534456229@%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/ra255ddfc8b613b80e9fa22ff3e106168b245f38a22316bfb54d21159@%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/rd75600cee29cb248d548edcf6338fe296466d63a69e2ed0afc439ec7@%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/r3341d96d8f956e878fb7b463b08d57ca1d58fec9c970aee929b58e0d@%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/r519bfafd67091d0b91243efcb1c49b1eea27321355ba5594f679277d@%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/rd05b1c9d61dbd220664d559aa0e2b55e5830f006a09e82057f3f7863@%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/re1b98da90a5f2e1c2e2d50e31c12e2578d61fe01c0737f9d0bd8de99@%3Cannounce.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html