3,000 Apache ActiveMQ servers weak to RCE assaults uncovered on-line

November 1, 2023

Over three thousand internet-exposed Apache ActiveMQ servers are weak to a just lately disclosed crucial distant code execution (RCE) vulnerability.

Apache ActiveMQ is a scalable open-source message dealer that fosters communication between purchasers and servers, supporting Java and varied cross-language purchasers and lots of protocols, together with AMQP, MQTT, OpenWire, and STOMP.

Due to the venture’s help for a various set of safe authentication and authorization mechanisms, it’s extensively utilized in enterprise environments the place techniques talk with out direct connectivity.

The flaw in query is CVE-2023-46604, a crucial severity (CVSS v3 rating: 10.0) RCE permitting attackers to execute arbitrary shell instructions by exploiting the serialized class sorts within the OpenWire protocol.

In response to Apache’s disclosure from October 27, 2023, the problem impacts the next Apache Lively MQ and Legacy OpenWire Module variations:

5.18.x variations earlier than 5.18.3
5.17.x variations earlier than 5.17.6
5.16.x variations earlier than 5.16.7
All variations earlier than 5.15.16

Fixes have been made out there on the identical day with the discharge of variations 5.15.16, 5.16.7, 5.17.6, and 5.18.3, that are the beneficial improve targets.

Hundreds of servers unpatched

Researchers from risk monitoring service ShadowServer discovered 7,249 servers accessible with ActiveMQ companies.

Of these, 3,329 have been discovered to run an ActiveMQ model weak to CVE-2023-4660, with all of those servers weak to distant code execution.

Many of the weak situations (1,400) are situated in China. America comes second with 530, Germany is third with 153, whereas India, the Netherlands, Russia, France, and South Korea have 100 uncovered servers every.

Vulnerable ActiveMQ servers as of October 30 — **Weak ActiveMQ servers as of October 30** *(ShadowServer)*

Given the position Apache ActiveMQ fulfills as a message dealer in enterprise environments, exploitation of CVE-2023-46604 may lead to message interception, workflow disruption, information theft, and even lateral motion within the community.

As technical particulars on exploiting CVE-2023-46604 are publicly out there, making use of the security updates must be thought of time-sensitive.

- Advertisment -

3,000 Apache ActiveMQ servers weak to RCE assaults uncovered on-line

Hundreds of servers unpatched

Job termination rip-off warns employees of phony Employment Tribunal determination

Over 2,000 Palo Alto Networks Units Hacked in Ongoing Attack Marketing campaign

Google’s AI-Powered OSS-Fuzz Software Finds 26 Vulnerabilities in Open-Supply Tasks

LEAVE A REPLY Cancel reply

Most Popular

Why Instagram Threads is a hotbed of dangers for companies

1000’s of Juniper gadgets susceptible to unauthenticated RCE flaw

Phishing Campaigns Ship New SideTwist Backdoor and Agent Tesla Variant

Prospects warned to cancel bank cards

Telesign launches built-in API to mix conventional id verification channels

Atlas VPN zero-day vulnerability leaks customers’ actual IP tackle

Meet the cyber-criminals of 2023

EDITOR PICKS

The Cookie Privateness Monster in Huge International Retail

Chinese language cybersecurity affiliation urges overview of Intel merchandise – Computerworld

Chinese language Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations

POPULAR News

Why Instagram Threads is a hotbed of dangers for companies

1000’s of Juniper gadgets susceptible to unauthenticated RCE flaw

Phishing Campaigns Ship New SideTwist Backdoor and Agent Tesla Variant

POPULAR TAGS

POPULAR Tags

POPULAR Tags

ABOUT US

FOLLOW US