rhsa-2025:12355
Vulnerability from csaf_redhat
Published
2025-07-31 11:18
Modified
2025-07-31 19:38
Summary
Red Hat Security Advisory: AMQ Broker 7.12.5.OPR.1.GA Container Images release and security update
Notes
Topic
This is the multiarch release of the AMQ Broker 7.12.5 aligned Operator and associated container images on Red Hat Enterprise Linux for the OpenShift Container Platform.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Middleware for OpenShift provides images for many of the Red Hat Middleware products for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments.
This release of Red Hat AMQ Broker 7.12.5 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* (CVE-2025-4057) activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
For information on supported configurations, see Red Hat AMQ Broker 7 Supported Configurations at https://access.redhat.com/articles/2791941
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "This is the multiarch release of the AMQ Broker 7.12.5 aligned Operator and associated container images on Red Hat Enterprise Linux for the OpenShift Container Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Middleware for OpenShift provides images for many of the Red Hat Middleware products for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments.\n\nThis release of Red Hat AMQ Broker 7.12.5 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* (CVE-2025-4057) activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nFor information on supported configurations, see Red Hat AMQ Broker 7 Supported Configurations at https://access.redhat.com/articles/2791941",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:12355",
"url": "https://access.redhat.com/errata/RHSA-2025:12355"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification#moderate",
"url": "https://access.redhat.com/security/updates/classification#moderate"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_amq_broker/",
"url": "https://docs.redhat.com/en/documentation/red_hat_amq_broker/"
},
{
"category": "external",
"summary": "2362827",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362827"
},
{
"category": "external",
"summary": "ENTMQBR-9820",
"url": "https://issues.redhat.com/browse/ENTMQBR-9820"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12355.json"
}
],
"title": "Red Hat Security Advisory: AMQ Broker 7.12.5.OPR.1.GA Container Images release and security update",
"tracking": {
"current_release_date": "2025-07-31T19:38:43+00:00",
"generator": {
"date": "2025-07-31T19:38:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:12355",
"initial_release_date": "2025-07-31T11:18:34+00:00",
"revision_history": [
{
"date": "2025-07-31T11:18:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-31T11:18:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-31T19:38:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Middleware Containers for OpenShift",
"product": {
"name": "Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhosemc:1.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
"product": {
"name": "amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
"product_id": "amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974?arch=arm64\u0026repository_url=registry.redhat.io/amq7/amq-broker-init-rhel8\u0026tag=7.12.5-2"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
"product": {
"name": "amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
"product_id": "amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13?arch=arm64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8\u0026tag=7.12.5-2"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
"product": {
"name": "amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
"product_id": "amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9?arch=arm64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8-operator\u0026tag=7.12.5-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
"product": {
"name": "amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
"product_id": "amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7?arch=amd64\u0026repository_url=registry.redhat.io/amq7/amq-broker-init-rhel8\u0026tag=7.12.5-2"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
"product": {
"name": "amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
"product_id": "amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a?arch=amd64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8\u0026tag=7.12.5-2"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
"product": {
"name": "amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
"product_id": "amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6?arch=amd64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8-operator-bundle\u0026tag=7.12.5-2"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
"product": {
"name": "amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
"product_id": "amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6?arch=amd64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8-operator\u0026tag=7.12.5-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
"product": {
"name": "amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
"product_id": "amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9?arch=ppc64le\u0026repository_url=registry.redhat.io/amq7/amq-broker-init-rhel8\u0026tag=7.12.5-2"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le",
"product": {
"name": "amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le",
"product_id": "amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191?arch=ppc64le\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8\u0026tag=7.12.5-2"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
"product": {
"name": "amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
"product_id": "amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e?arch=ppc64le\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8-operator\u0026tag=7.12.5-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
"product": {
"name": "amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
"product_id": "amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d?arch=s390x\u0026repository_url=registry.redhat.io/amq7/amq-broker-init-rhel8\u0026tag=7.12.5-2"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
"product": {
"name": "amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
"product_id": "amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981?arch=s390x\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8\u0026tag=7.12.5-2"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
"product": {
"name": "amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
"product_id": "amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558?arch=s390x\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel8-operator\u0026tag=7.12.5-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x"
},
"product_reference": "amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64"
},
"product_reference": "amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64"
},
"product_reference": "amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le"
},
"product_reference": "amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64"
},
"product_reference": "amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64"
},
"product_reference": "amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x"
},
"product_reference": "amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le"
},
"product_reference": "amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64"
},
"product_reference": "amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x"
},
"product_reference": "amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64"
},
"product_reference": "amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64"
},
"product_reference": "amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le"
},
"product_reference": "amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4057",
"cwe": {
"id": "CWE-1391",
"name": "Use of Weak Credentials"
},
"discovery_date": "2025-04-29T02:06:56.641000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2362827"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4057"
},
{
"category": "external",
"summary": "RHBZ#2362827",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362827"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4057"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4057",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4057"
},
{
"category": "external",
"summary": "https://github.com/arkmq-org/activemq-artemis-operator/commit/d3482fab6d0060794226c9e5a6fa67d209abc35a",
"url": "https://github.com/arkmq-org/activemq-artemis-operator/commit/d3482fab6d0060794226c9e5a6fa67d209abc35a"
},
{
"category": "external",
"summary": "https://github.com/arkmq-org/activemq-artemis-operator/issues/1130",
"url": "https://github.com/arkmq-org/activemq-artemis-operator/issues/1130"
}
],
"release_date": "2025-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-31T11:18:34+00:00",
"details": "To update to the latest image please refer to the AMQ container images in the Red Hat Container catalog.",
"product_ids": [
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12355"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x",
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64",
"8Base-RHOSE-Middleware:amq7/amq-broker-init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64",
"8Base-RHOSE-Middleware:amq7/amq-broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "activemq-artemis-operator: AMQ Broker Operator Starting Credentials Reuse"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…