FKIE_CVE-2026-22886
Vulnerability from fkie_nvd - Published: 2026-03-03 10:16 - Updated: 2026-04-09 19:47
Severity: CRITICAL (CVSS 3.1 base score 9.8, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Summary
OpenMQ exposes a TCP-based management service (imqbrokerd) that by default requires authentication. However, the product ships with a default administrative account (admin/admin) and does not enforce a mandatory password change on first use. After the first successful login, the server continues to accept the default password indefinitely without warning or enforcement.

In real-world deployments, this service is often left enabled without changing the default credentials. As a result, a remote attacker with access to the service port could authenticate as an administrator and gain full control of the protocol’s administrative features.
References
| Source | URL | Tags |
|---|---|---|
| emo@eclipse.org | https://gitlab.eclipse.org/security/cve-assignment/-/issues/85 | Issue Tracking, Vendor Advisory |
```json
{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:eclipse:openmq:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "24992257-6690-46E1-962A-2D9CE0815B85",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "OpenMQ exposes a TCP-based management service (imqbrokerd) that by default requires\nauthentication. However, the product ships with a default administrative account (admin/\nadmin) and does not enforce a mandatory password change on first use. After the first\nsuccessful login, the server continues to accept the default password indefinitely without\nwarning or enforcement.\n\n\nIn real-world deployments, this service is often left enabled without changing the default\ncredentials. As a result, a remote attacker with access to the service port could authenticate\nas an administrator and gain full control of the protocol\u2019s administrative features."
    },
    {
      "lang": "es",
      "value": "OpenMQ expone un servicio de gesti\u00f3n basado en TCP (imqbrokerd) que por defecto requiere autenticaci\u00f3n. Sin embargo, el producto se env\u00eda con una cuenta administrativa por defecto (admin/admin) y no impone un cambio de contrase\u00f1a obligatorio en el primer uso. Despu\u00e9s del primer inicio de sesi\u00f3n exitoso, el servidor contin\u00faa aceptando la contrase\u00f1a por defecto indefinidamente sin advertencia ni imposici\u00f3n.\n\nEn implementaciones del mundo real, este servicio a menudo se deja habilitado sin cambiar las credenciales por defecto. Como resultado, un atacante remoto con acceso al puerto del servicio podr\u00eda autenticarse como administrador y obtener control total de las caracter\u00edsticas administrativas del protocolo."
    }
  ],
  "id": "CVE-2026-22886",
  "lastModified": "2026-04-09T19:47:40.263",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "emo@eclipse.org",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-03-03T10:16:06.267",
  "references": [
    {
      "source": "emo@eclipse.org",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://gitlab.eclipse.org/security/cve-assignment/-/issues/85"
    }
  ],
  "sourceIdentifier": "emo@eclipse.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1391"
        },
        {
          "lang": "en",
          "value": "CWE-1392"
        },
        {
          "lang": "en",
          "value": "CWE-1393"
        }
      ],
      "source": "emo@eclipse.org",
      "type": "Primary"
    }
  ]
}
```