CVE-2025-4057

Summary

A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies.

Affected Software

VendorProductVersion RangeStatus
0 < 2.0.3affected
Red HatRHEL-8 based Middleware Containers7.12.5-2 < *unaffected
Red HatRHEL-8 based Middleware Containers7.12.5-2 < *unaffected
Red HatRHEL-8 based Middleware Containers7.12.5-2 < *unaffected
Red HatRHEL-8 based Middleware Containers7.12.5-2 < *unaffected

Weaknesses

  • CWE-1391: Use of Weak Credentials

Workarounds

Currently, no mitigation is available for this vulnerability.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References