| |
Vulnerability CVE-2023-46604
Published: 2023-10-27
Description: |
Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.
Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue. |
See advisories in our WLB2 database: | Topic | Author | Date |
Med. |
| Martin Heiland | 11.04.2024 |
Type:
CWE-502 (Deserialization of Untrusted Data)
References: |
https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
|
|
|
closedb();
?>
Copyright 2024, cxsecurity.com
|
|
|