{
  "threat_severity" : "Moderate",
  "public_date" : "2020-06-25T00:00:00Z",
  "bugzilla" : {
    "description" : "broker: resetUsers operation stores password in plain text",
    "id" : "1827200",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1827200"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-522",
  "details" : [ "A flaw was found in the ActiveMQ Artemis management API in versions 2.7.0 up to and including those before the fix in the 2.12.x line (affected range as stated by the vendor: 2.7.0 up until 2.12.0). When the `resetUsers` management operation is used to change a user's password, the new password is written to the Artemis shadow file (etc/artemis-users.properties) in plaintext rather than hashed. A local attacker who can read that file can recover the plaintext passwords of any user reset through this operation; the impact is limited to confidentiality (CVSS AV:L, C:H, I:N, A:N).", "A flaw was found in the ActiveMQ Artemis management API in versions 2.7.0 up to and including those before the fix in the 2.12.x line (affected range as stated by the vendor: 2.7.0 up until 2.12.0). When the `resetUsers` management operation is used to change a user's password, the new password is written to the Artemis shadow file (etc/artemis-users.properties) in plaintext rather than hashed. A local attacker who can read that file can recover the plaintext passwords of any user reset through this operation; the impact is limited to confidentiality (CVSS AV:L, C:H, I:N, A:N)." ],
  "acknowledgement" : "Red Hat would like to thank Justin Bertram (Reporter) for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat AMQ",
    "release_date" : "2020-06-25T00:00:00Z",
    "advisory" : "RHSA-2020:2751",
    "cpe" : "cpe:/a:redhat:amq_broker:7",
    "package" : "broker"
  }, {
    "product_name" : "Red Hat AMQ",
    "release_date" : "2020-07-23T00:00:00Z",
    "advisory" : "RHSA-2020:3133",
    "cpe" : "cpe:/a:redhat:amq_broker:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-10727\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-10727\nhttps://issues.redhat.com/browse/ENTMQBR-3435" ],
  "name" : "CVE-2020-10727",
  "mitigation" : {
    "value" : "When resetting a user's password, use the broker instance CLI (`<broker-instance>/bin/artemis user reset`) instead of the `resetUsers` management API operation; the CLI path is not affected by this flaw. Where `resetUsers` has already been used on an affected version, inspect etc/artemis-users.properties for plaintext entries, reset those users via the CLI so their passwords are stored hashed, and treat the exposed passwords as compromised. Also confirm the file is readable only by the broker's service account, since the attack requires local read access to it.",
    "lang" : "en:us"
  },
  "csaw" : false
}