Security Bulletin: 5 (AMPS 2018-12-06)


Summary: 60East has become aware of a security vulnerability in AMPS. This vulnerability occurs 
when WRITE entitlement filters are not correctly applied to sow_delete commands in cases where the command used a hash index or the primary key field(s). A user could potentially delete messages that should have been disallowed by the filter. This issue applies to sow_delete commands only. Topic entitlements are not affected, nor are other commands. This bulletin applies only to entitlement filters. 

Recommended Action: If your installation uses entitlement filters to enforce content restrictions
to queues or topics in the State-of-the-World, 60East recommends immediately upgrading to, and 

Affected Versions: 

AMPS versions before AMPS, and

Have more questions? Submit a request


Powered by Zendesk