all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Apache ActiveMQ Jolokia Remote Code Execution Vulnerability (CVE-2022-41678) Notification

Add to bookmarks
Nov. 30, 2023, 6:24 a.m. | NSFOCUS

Security Boulevard securityboulevard.com

Overview Recently, NSFOCUS CERT found a remote code execution vulnerability in Apache ActiveMQ Jolokia (CVE-2022-41678). In the configuration of ActiveMQ, jetty allows org.holokia.http.AgentServlet to process requests for/api/Jolokia. An authenticated attacker can send a specially crafted HTTP request to write a malicious file through the Jolokia service, thus implementing remote code execution. At present, the vulnerability […]


The post Apache ActiveMQ Jolokia Remote Code Execution Vulnerability (CVE-2022-41678) Notification appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects …

activemq apache apache activemq api application security attacker blog cert code code execution configuration cve emergency-response file found http malicious notification nsfocus org process remote code remote code execution request requests send service vulnerability

Visit resource

More from securityboulevard.com / Security Boulevard

Best API Security Product: Wallarm wins 2024 Cybersecurity Excellence Award 4 hours ago | securityboulevard.com
api api security award cyber +19
Kaseya Connect Global 2024 Day 3 Recap 8 hours ago | securityboulevard.com
connect connect global connect global 2024 cybersecurity +9
Google Continues Mixing Generative AI into Cybersecurity 9 hours ago | securityboulevard.com
ai model cloud cloud security cloud service +37
USENIX Security ’23 – The Space of Adversarial Strategies 11 hours ago | securityboulevard.com
access adversarial authors channel +16
HYPR and Microsoft Partner on Entra ID External Authentication Methods 11 hours ago | securityboulevard.com
authentication authentication methods can eam +17
2024 OWASP Mobile Top Ten Risks 11 hours ago | securityboulevard.com
api security api security - analysis application application security +19
Google Makes Implementing 2FA Simpler 11 hours ago | securityboulevard.com
2fa 2fa authenticator 2 factor authentication 2-step verification +29
RSAC 2024: IoT Security Questions (and Answers) 12 hours ago | securityboulevard.com
analysts blog breaches compliance +21
Danile Stori’s ‘Vulnerable Code’ 13 hours ago | securityboulevard.com
code daniel daniel stori humor +6

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Security Problem Manager

@ Deutsche Bank | Bucharest
View on infosec-jobs.com

Information System Security Officer

@ Booz Allen Hamilton | USA, VA, Chantilly (15009 Conference Ctr Dr)
View on infosec-jobs.com

Senior Account Executive - Cybersecurity

@ OpenText | Virtual, CA
View on infosec-jobs.com

Grants Compliance Senior Specialist

@ Plan International | Bamako, Mali
View on infosec-jobs.com

Sr. Cybersecurity Engineer- Tenable

@ phia, LLC | Arlington, VA
View on infosec-jobs.com

Portfolio Manager- Enterprise Information Security Auditing

@ American Chemical Society | Columbus, OH, US, 43202
View on infosec-jobs.com
View more jobs