Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-46604

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.

Published

2023-10-27T15:15:14.017

Last Modified

2025-03-07T17:08:15.570

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 10.0 (CRITICAL)

Weaknesses

Type: Primary
CWE-502

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apache	activemq	< 5.15.16	Yes
Application	apache	activemq	< 5.16.7	Yes
Application	apache	activemq	< 5.17.6	Yes
Application	apache	activemq	< 5.18.3	Yes
Application	apache	activemq_legacy_openwire_module	< 5.15.16	Yes
Application	apache	activemq_legacy_openwire_module	< 5.16.7	Yes
Application	apache	activemq_legacy_openwire_module	< 5.17.6	Yes
Application	apache	activemq_legacy_openwire_module	< 5.18.3	Yes
Operating System	debian	debian_linux	10.0	Yes
Application	netapp	e-series_santricity_unified_manager	-	Yes
Application	netapp	e-series_santricity_web_services_proxy	-	Yes
Application	netapp	santricity_storage_plugin	-	Yes

References

http://seclists.org/fulldisclosure/2024/Apr/18 Mailing List, Third Party Advisory ([email protected])
https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt Vendor Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html Mailing List ([email protected])
https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html Exploit, Third Party Advisory, VDB Entry ([email protected])
https://security.netapp.com/advisory/ntap-20231110-0010/ Third Party Advisory ([email protected])
https://www.openwall.com/lists/oss-security/2023/10/27/5 Mailing List ([email protected])
http://seclists.org/fulldisclosure/2024/Apr/18 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html Mailing List (af854a3a-2127-422b-91ae-364da2661108)
https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20231110-0010/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.openwall.com/lists/oss-security/2023/10/27/5 Mailing List (af854a3a-2127-422b-91ae-364da2661108)