Warning: RocketMQ Vulnerability Actively Exploited by Threat Actors

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a new critical-severity vulnerability to its KEV catalog. The issue is tracked as CVE-2023-33246 and it affects Apache’s RocketMQ distributed messaging and streaming platform. Exploiting the vulnerability is possible without authentication and has been leveraged actively by threat actors since at least June. Multiple threat actors […]

The post Warning: RocketMQ Vulnerability Actively Exploited by Threat Actors appeared first on Heimdal Security Blog.

actively exploited agency apache authentication catalog cisa critical cve cybersecurity cybersecurity news distributed exploited exploiting infrastructure infrastructure security issue june kev kev catalog messaging platform rocketmq security severity streaming threat threat actors vulnerability warning