all InfoSec news
Apache ActiveMQ Remote Code Execution Vulnerability (CVE-2023-46604)
Nov. 10, 2023, 6:28 p.m. |
FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com
Ransomware attackers are targeting servers running outdated and vulnerable versions of Apache ActiveMQ by exploiting a recently fixed vulnerability (CVE-2023-46604). CVE-2023-46604 is an unauthenticated deserialization vulnerability in ActiveMQ's OpenWire transport connector. Successful exploitation allows an attacker to execute arbitrary code with the same privileges of the ActiveMQ server.
What is the Vendor Solution?
Apache has released the patches to address CVE-2023-46604 and can be found here.
What FortiGuard Coverage is available?
FortiGuard Labs has released an …
activemq apache apache activemq arbitrary code attack attacker attackers code code execution connector cve cve-2023-46604 deserialization exploitation exploiting privileges ransomware remote code remote code execution running server servers targeting transport unauthenticated vulnerability vulnerable what is
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report
Jobs in InfoSec / Cybersecurity
Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)
@ IREX | Ramallah, West Bank, Palestinian National Authority
Consultant(e) Junior Cybersécurité
@ Sia Partners | Paris, France
Senior Network Security Engineer
@ NielsenIQ | Mexico City, Mexico
Senior Consultant, Payment Intelligence
@ Visa | Washington, DC, United States
Corporate Counsel, Compliance
@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
Security Operations Engineer
@ Samsara | Remote - US