CVE-2026-22886
Received Received - Intake
Default Credential Authentication Bypass in OpenMQ imqbrokerd Service

Publication date: 2026-03-03

Last updated on: 2026-04-09

Assigner: Eclipse Foundation

Description
OpenMQ exposes a TCP-based management service (imqbrokerd) that by default requires authentication. However, the product ships with a default administrative account (admin/ admin) and does not enforce a mandatory password change on first use. After the first successful login, the server continues to accept the default password indefinitely without warning or enforcement. In real-world deployments, this service is often left enabled without changing the default credentials. As a result, a remote attacker with access to the service port could authenticate as an administrator and gain full control of the protocol’s administrative features.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-03
Last Modified
2026-04-09
Generated
2026-06-16
AI Q&A
2026-03-03
EPSS Evaluated
2026-06-14
NVD
CVE-2026-22886
EUVD
EUVD-2026-9283
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
eclipse openmq *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1393 The product uses default passwords for potentially critical functionality.
CWE-1392 The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.
CWE-1391 The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "CVE-2026-22886 is a critical vulnerability in the Eclipse OpenMQ project's TCP-based management service called imqbrokerd. This service requires authentication but ships with a default administrative account using the credentials admin/admin."}, {'type': 'paragraph', 'content': 'The system does not enforce a mandatory password change upon first login, and after the initial access, it continues to accept the default password indefinitely without any warning or enforcement.'}, {'type': 'paragraph', 'content': 'In real-world deployments, this default credential is often left unchanged, allowing remote attackers with access to the service port to authenticate as administrators and gain full control over the protocol’s administrative features.'}] [1]

Impact Analysis

This vulnerability allows a remote attacker with access to the TCP management service port to authenticate as an administrator using default credentials.

Once authenticated, the attacker gains full control over the protocol’s administrative features, which can lead to unauthorized configuration changes, disruption of service, or exploitation of other authenticated-only vulnerabilities within the same protocol.

The vulnerability has a high severity with a CVSS score of 9.8, indicating it can cause significant confidentiality, integrity, and availability impacts.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by checking if the OpenMQ TCP-based management service (imqbrokerd) is running and accessible on your network, and then attempting to authenticate using the default administrative credentials (admin/admin). If authentication succeeds without requiring a password change, the system is vulnerable.'}, {'type': 'paragraph', 'content': 'A practical approach is to scan for the service port used by imqbrokerd and then attempt a login using the default credentials.'}, {'type': 'list_item', 'content': 'Use a network scanning tool like nmap to identify if the imqbrokerd service port is open.'}, {'type': 'list_item', 'content': "Attempt to authenticate to the service using a client or script with the username 'admin' and password 'admin'."}, {'type': 'list_item', 'content': 'Example command to scan for open ports (replace <host> and <port> accordingly): nmap -p <port> <host>'}, {'type': 'list_item', 'content': 'If a client tool for OpenMQ management is available, use it to attempt login with default credentials.'}] [1]

Mitigation Strategies

[{'type': 'paragraph', 'content': "Immediate mitigation steps include changing the default administrative password from 'admin' to a strong, unique password as soon as possible."}, {'type': 'paragraph', 'content': 'Additionally, if the management service (imqbrokerd) is not required, consider disabling it to reduce the attack surface.'}, {'type': 'paragraph', 'content': 'Ensure that access to the service port is restricted via network controls such as firewalls or access control lists to limit exposure to trusted hosts only.'}, {'type': 'paragraph', 'content': 'Regularly audit and monitor authentication logs for any unauthorized access attempts.'}] [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-22886. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart