CVE-2021-3763

Name: CVE-2021-3763
Creator: NVD / NIST
Published: 2022-08-23T16:15:09.79+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 4.3/10EPSS 0.56%

Last modified Jun 17, 2026

CVE-2021-3763 is a medium-severity vulnerability rated 4.3/10 on the CVSS scale. A flaw was found in the Red Hat AMQ Broker management console in version 7.8 where an existing user is able to access some limited information even when the role the user is assigned to should not be allow access to the management console. The main impact is to confidentiality as this flaw means some role bindings are incorrectly checked, some privileged meta information such as queue names and configuration details are disclosed but the impact is limited as not all information is accessible and there is no affect to integrity.. EPSS estimates a 0.56% chance of exploitation in the next 30 days.

Description

A flaw was found in the Red Hat AMQ Broker management console in version 7.8 where an existing user is able to access some limited information even when the role the user is assigned to should not be allow access to the management console. The main impact is to confidentiality as this flaw means some role bindings are incorrectly checked, some privileged meta information such as queue names and configuration details are disclosed but the impact is limited as not all information is accessible and there is no affect to integrity.

Metrics

CVSS 3.1

4.3/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS Probability

0.56%

42.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Redhat	Amq Broker	7.8.0
Redhat	Amq Broker	7.8.1
Redhat	Amq Broker	7.8.2

References

https://access.redhat.com/security/cve/CVE-2021-3763Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2000654Issue Tracking, Vendor Advisory
https://issues.redhat.com/browse/ENTMQBR-5372Vendor Advisory
https://access.redhat.com/security/cve/CVE-2021-3763Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2000654Issue Tracking, Vendor Advisory
https://issues.redhat.com/browse/ENTMQBR-5372Vendor Advisory

Timeline

Published: Aug 23, 2022
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2021-3763?

How severe is CVE-2021-3763?

CVE-2021-3763 has a CVSS score of 4.3/10 (MEDIUM severity). The EPSS model estimates a 0.56% probability of exploitation in the next 30 days.

How do I fix CVE-2021-3763?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-3763?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST