10

CVE-2023-46604

Warnung
Exploit

The Java OpenWire protocol marshaller is vulnerable to Remote Code 
Execution. This vulnerability may allow a remote attacker with network 
access to either a Java-based OpenWire broker or client to run arbitrary
 shell commands by manipulating serialized class types in the OpenWire 
protocol to cause either the client or the broker (respectively) to 
instantiate any class on the classpath.

Users are recommended to upgrade
 both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 
which fixes this issue.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheActivemq Version < 5.15.16
ApacheActivemq Version >= 5.16.0 < 5.16.7
ApacheActivemq Version >= 5.17.0 < 5.17.6
ApacheActivemq Version >= 5.18.0 < 5.18.3
ApacheActivemq Legacy Openwire Module Version >= 5.16.0 < 5.16.7
ApacheActivemq Legacy Openwire Module Version >= 5.17.0 < 5.17.6
ApacheActivemq Legacy Openwire Module Version >= 5.18.0 < 5.18.3
DebianDebian Linux Version10.0
NetappSantricity Storage Plugin Version- SwPlatformvcenter

02.11.2023: CISA Known Exploited Vulnerabilities (KEV) Catalog

Apache ActiveMQ Deserialization of Untrusted Data Vulnerability

Schwachstelle

Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with network access to a broker to run shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.

Beschreibung

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 94.44% 1
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
security@apache.org 10 3.9 6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
CWE-502 Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

http://seclists.org/fulldisclosure/2024/Apr/18
Third Party Advisory
Mailing List