Apache ActiveMQ has a remote code execution vulnerability [CVE-2023-46604]. This vulnerability allows a remote attacker with network access to a broker to run arbitrary shell commands. It is exploited by manipulating serialized class types in the OpenWire protocol to cause the broker to recreate any class on the classpath.
What To Do
- Use Vulnerability Detection to search for CVE-2023-46604 with Confirmed Exposure.
- Update Apache ActiveMQ to one of the following versions:
- 5.15.16
- 5.16.7
- 5.17.6
- 5.18.3
- “Artemis” 2.31.2
Resources
- Apache ActiveMQ, “Update on CVE-2023-46604”
- Help Net Security, “Attackers exploiting Apache ActiveMQ flaw to deliver ransomware (CVE-2023-46604)”
- November 13, 2023: Search for confirmed exposure.
- November 9, 2023: “Artemis” 2.31.2 added to patched versions.
- November 7, 2023: Published.
Feedback
0 comments
Please sign in to leave a comment.