Exploit for Deserialization of Untrusted Data in Apache Activemq

CVE-2023-46604 Exploit for CVE-2023-46604 This tool helps...

K000137761: Apache ActiveMQ vulnerability CVE-2023-46604

Security Advisory Description The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in...

Apache ActiveMQ Deserialization of Untrusted Data Vulnerability

Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with network access to a broker to run shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath...

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604

Tom Elkins, John Fenninger, Evan McCann, Matthew Smith, and Micah Young contributed attacker behavior insights to this blog. Beginning Friday, October 27, Rapid7 Managed Detection and Response MDR identified suspected exploitation of Apache ActiveMQ CVE-2023-46604 in two different customer...

CVE-2023-46604

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to caus...

CVE-2023-46604

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to caus...

CVE-2023-46604

CVE-2023-46604 – Apache ActiveMQ OpenWire deserialization RCE has concrete details in connected sources: the Java OpenWire protocol marshaller is vulnerable to remote code execution. A remote attacker with network access to a Java-based OpenWire broker or client can execute arbitrary shell comman...

CVE-2023-46604

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to caus...

CVE-2023-46604

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to caus...

Oracle Java Security Slider Feature Bypass (CVE-2013-1489)

A security feature bypass vulnerability has been reported in Oracle Java JRE. The vulnerability occurs when a serialized class is loaded via the applet tag object attribute. A remote attacker can exploit this vulnerability to bypass warning prompts by enticing user to open a Java applet embedded ...