Candidate: CVE-2015-7559
PublicDate: 2019-08-01 14:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7559
 https://issues.apache.org/jira/browse/AMQ-6470
Description:
 It was found that the Apache ActiveMQ client before 5.15.5 exposed a remote
 shutdown command in the ActiveMQConnection class. An attacker logged into a
 compromised broker could use this flaw to achieve denial of service on a
 connected client.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H [4.9 MEDIUM]

Patches_activemq:
upstream_activemq: released (5.14.3-3)
precise_activemq: ignored (reached end-of-life)
precise/esm_activemq: DNE (precise was needed)
trusty_activemq: released (5.6.0+dfsg-1+deb7u3build0.14.04.1)
trusty/esm_activemq: DNE (trusty was released [5.6.0+dfsg-1+deb7u3build0.14.04.1])
vivid/stable-phone-overlay_activemq: DNE
vivid/ubuntu-core_activemq: DNE
xenial_activemq: ignored (end of standard support, was needed)
yakkety_activemq: ignored (reached end-of-life)
zesty_activemq: ignored (reached end-of-life)
artful_activemq: not-affected (5.14.3-3)
bionic_activemq: not-affected (5.14.3-3)
cosmic_activemq: not-affected (5.14.3-3)
disco_activemq: not-affected (5.14.3-3)
eoan_activemq: not-affected (5.14.3-3)
focal_activemq: not-affected (5.14.3-3)
groovy_activemq: not-affected (5.14.3-3)
hirsute_activemq: not-affected (5.14.3-3)
impish_activemq: not-affected (5.14.3-3)
jammy_activemq: not-affected (5.14.3-3)
devel_activemq: not-affected (5.14.3-3)