Vulnerability on Active MQ process on port 8161

Document ID : KB000097680
Last Modified Date : 25/06/2018
Show Technical Document Details
The"Apache ActiveMQ is an open source message broker written in Java together with a full Java Message Service (JMS) client. The admin interface of Apache ActiveMQ is accessible using default credentials - admin:admin. QID Detection Logic: This QID launches a request directed at the Apache ActiveMQ administration console with default credentials."

Successfully exploiting this issue may allow attackers to obtain administrative access to the application.

Service Operations Insight 4.2
The vulnerability can be taken care by updating file in <activemq installed location>\conf folder

For example
C:\Program Files (x86)\CA\SOI\apache-activemq\conf

The password is mentioned as follows
# Defines users that can access the web (console, demo, etc.)
# username: password [,rolename ...]
admin: admin, admin
user: user, user

Change the password and save the file.

This needs restart the SOI MQ server and SOI Application server  services