Lucene search

K

CVE-2023-46604 Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack

🗓️ 27 Oct 2023 14:31:59Reported by apacheType 
cvelist
 cvelist
🔗 www.cve.org👁 11 Views

Unbounded deserialization vulnerability in Apache ActiveMQ Legacy OpenWire Modul

Show more
Related
Affected
Refs
[
  {
    "collectionURL": "https://repo.maven.apache.org/maven2",
    "defaultStatus": "unaffected",
    "packageName": "org.apache.activemq:activemq-client",
    "product": "Apache ActiveMQ",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "5.18.3",
        "status": "affected",
        "version": "5.18.0",
        "versionType": "semver"
      },
      {
        "lessThan": "5.17.6",
        "status": "affected",
        "version": "5.17.0",
        "versionType": "semver"
      },
      {
        "lessThan": "5.16.7",
        "status": "affected",
        "version": "5.16.0",
        "versionType": "semver"
      },
      {
        "lessThan": "5.15.16",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "collectionURL": "https://repo.maven.apache.org/maven2",
    "defaultStatus": "unaffected",
    "packageName": "org.apache.activemq:activemq-openwire-legacy",
    "product": "Apache ActiveMQ Legacy OpenWire Module",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "5.18.3",
        "status": "affected",
        "version": "5.18.0",
        "versionType": "semver"
      },
      {
        "lessThan": "5.17.6",
        "status": "affected",
        "version": "5.17.0",
        "versionType": "semver"
      },
      {
        "lessThan": "5.16.7",
        "status": "affected",
        "version": "5.16.0",
        "versionType": "semver"
      },
      {
        "lessThan": "5.15.16",
        "status": "affected",
        "version": "5.8.0",
        "versionType": "semver"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
27 Oct 2023 14:59Current
9.8High risk
Vulners AI Score9.8
CVSS310.0
EPSS0.968
11
.json
Report