A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies.
amq7/amq Red Hat / RHEL
Fixed in: broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le RHSA-2025:12355 Fixed in: broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64 RHSA-2025:12355 Fixed in: broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x RHSA-2025:12355 Fixed in: broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64 RHSA-2025:12355 amq7/amq Rocky
Fixed in: broker-rhel8@sha256:676fe91b093b92ef26d08218b740c6979fa4d2ef8dd57b6586b2f9c1dcb4eb13_arm64 RHSA-2025:12355 Fixed in: broker-rhel8@sha256:5832f54db15d3cf5dcc345e939ad1a5710a81ef6c5b0ba2f4d9e7b05970e5981_s390x RHSA-2025:12355 Fixed in: broker-rhel8@sha256:ade15c37015c8cdd2df00ea264dd791ca3677745cd217e19bbd2b7db3acc4d6a_amd64 RHSA-2025:12355 Fixed in: broker-rhel8@sha256:e183277b7d15b414db4cf44c2f8e367d79b01dbe31882b8eb790bf34a2ba3191_ppc64le RHSA-2025:12355 amq7/amq-broker Rocky
Fixed in: init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64 RHSA-2025:12355 Fixed in: rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64 RHSA-2025:12355 Fixed in: init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64 RHSA-2025:12355 Fixed in: rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64 RHSA-2025:12355 Fixed in: init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le RHSA-2025:12355 Fixed in: rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x RHSA-2025:12355 Fixed in: init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x RHSA-2025:12355 Fixed in: rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le RHSA-2025:12355 amq7/amq-broker Red Hat / RHEL
Fixed in: rhel8-operator@sha256:aee189bb82d82d8cec5be445e5d986e7b03b4949e0b055475d0d99c3f72af4c9_arm64 RHSA-2025:12355 Fixed in: init-rhel8@sha256:a31c87b93441f27603e5672b5b951779bc965e68b471caaf70a52c12255268a7_amd64 RHSA-2025:12355 Fixed in: rhel8-operator@sha256:0943624823b5ea2a95ad39c090a97515e8bd577bf901d6ef31724b992031ceb6_amd64 RHSA-2025:12355 Fixed in: init-rhel8@sha256:bfcc8f35ef2f398a87f322ad361dcfe4bf5c7aaccfaf89a4e688c45a72cd74e9_ppc64le RHSA-2025:12355 Fixed in: rhel8-operator@sha256:aaf54806151be114a2a5fe119f231a2cc04439b4b800045695c444a392ca2f4e_ppc64le RHSA-2025:12355 Fixed in: init-rhel8@sha256:95e49d60d2431facee201ee37fd3766854c3f39a6bc92d0cfa51cde20f970c6d_s390x RHSA-2025:12355 Fixed in: rhel8-operator@sha256:3aee3c97d5a5d9b54e161aa669e7e9b3da7745a8e3b9d86bf711bd3349c4f558_s390x RHSA-2025:12355 Fixed in: init-rhel8@sha256:bc23a019eea3ea16eae26ffd5d6e13e35cefe602a199075ff8fb4d350cbab974_arm64 RHSA-2025:12355 amq7/amq-broker-rhel8 Rocky
Fixed in: operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64 RHSA-2025:12355 amq7/amq-broker-rhel8 Red Hat / RHEL
Fixed in: operator-bundle@sha256:70a388147b14f191da563b33759c985efe9cc98ed9a4d94b92b94f0199ad9af6_amd64 RHSA-2025:12355 Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
Exploitability
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Impact
Confidentiality High
Integrity None
Availability None
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.15% probability of exploitation in 30 days
4th percentile
Low risk: more likely to be exploited than 4% of all known CVEs.
Embed a live status badge for CVE-2025-4057 Markdown
[](https://tridentstack.com/cve/CVE-2025-4057)HTML
<a href="https://tridentstack.com/cve/CVE-2025-4057"><img src="https://tridentstack.com/cve/badge/CVE-2025-4057.svg" alt="CVE-2025-4057"></a>Find and fix vulnerabilities across your fleet TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start free This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-07-31.