{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-01T00:32:49.082","vulnerabilities":[{"cve":{"id":"CVE-2021-3763","sourceIdentifier":"secalert@redhat.com","published":"2022-08-23T16:15:09.790","lastModified":"2026-06-17T04:05:43.130","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the Red Hat AMQ Broker management console in version 7.8 where an existing user is able to access some limited information even when the role the user is assigned to should not be allow access to the management console. The main impact is to confidentiality as this flaw means some role bindings are incorrectly checked, some privileged meta information such as queue names and configuration details are disclosed but the impact is limited as not all information is accessible and there is no affect to integrity."},{"lang":"es","value":"Se ha encontrado un fallo en la consola de administración de Red Hat AMQ Broker en versión 7.8, en el que un usuario presente puede acceder a determinada información limitada incluso cuando el rol al que está asignado el usuario no debería permitir el acceso a la consola de gestión. El principal impacto es en la confidencialidad, ya que este fallo significa que algunas vinculaciones de rol son comprobados de forma incorrecta, son divulgados algunos metadatos privilegiados como los nombres de las colas y los detalles de configuración, pero el impacto es limitado, ya que no puede accederse a toda la información y no afecta a la integridad."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"n/a","product":"AMQ Broker","versions":[{"version":"Fixed in amq-7.9.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:amq_broker:7.8.0:*:*:*:*:*:*:*","matchCriteriaId":"C0353B01-42C3-4F5D-A5CE-58F11DCB4AF3"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:amq_broker:7.8.1:*:*:*:*:*:*:*","matchCriteriaId":"43295599-4DC6-4F54-9B75-44CF941813CA"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:amq_broker:7.8.2:*:*:*:*:*:*:*","matchCriteriaId":"032E03C4-1DF8-4F3F-8346-B674FD6765E1"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2021-3763","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2000654","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://issues.redhat.com/browse/ENTMQBR-5372","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2021-3763","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2000654","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://issues.redhat.com/browse/ENTMQBR-5372","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}