CVE-2023-46604
Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack
In short
Apache ActiveMQ's OpenWire protocol allows remote attackers to execute arbitrary commands on servers or clients by sending specially crafted messages. This is a critical flaw that affects the messaging system itself.
Technical detail
Unbounded deserialization in the OpenWire protocol marshaller (CWE-502) enables Remote Code Execution when a remote attacker with network access manipulates serialized class types to instantiate arbitrary classes from the classpath on either broker or client. No authentication is required; impact includes complete system compromise.
Summary generated and translated by AI from the official description.
The Java OpenWire protocol marshaller is vulnerable to Remote Code
Execution. This vulnerability may allow a remote attacker with network
access to either a Java-based OpenWire broker or client to run arbitrary
shell commands by manipulating serialized class types in the OpenWire
protocol to cause either the client or the broker (respectively) to
instantiate any class on the classpath.
Users are recommended to upgrade
both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3
which fixes this issue.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
Affected products
Apache Software Foundation · Apache ActiveMQ
Apache Software Foundation · Apache ActiveMQ Legacy OpenWire Module
public PoCs found — 38
github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ ★ 126
github.com/Catherines77/ActiveMQ-EXPtools ★ 77
github.com/Arlenhiack/ActiveMQ-RCE-Exploit ★ 43
github.com/evkl1d/CVE-2023-46604 ★ 40
github.com/trganda/ActiveMQ-RCE ★ 28
github.com/duck-sec/CVE-2023-46604-ActiveMQ-RCE-pseudoshell ★ 18
github.com/justdoit-cai/CVE-2023-46604-Apache-ActiveMQ-RCE-exp ★ 5
github.com/vulncheck-oss/cve-2023-46604 ★ 4
github.com/h3x3h0g/ActiveMQ-RCE-CVE-2023-46604-Write-up ★ 3
github.com/NKeshawarz/CVE-2023-46604-RCE ★ 3
github.com/mrpentst/CVE-2023-46604 ★ 2
github.com/RockyDesigne/SSP-Assignment-3-RCEYouLater ★ 2
github.com/dcm2406/CVE-Lab ★ 2
github.com/LiritoShawshark/CVE-2023-46604_ActiveMQ_RCE_Recurrence ★ 2
github.com/stegano5/ExploitScript-CVE-2023-46604 ★ 1
github.com/minhangxiaohui/ActiveMQ_CVE-2023-46604 ★ 1
github.com/pulentoski/CVE-2023-46604 ★ 1
github.com/skrkcb2/CVE-2023-46604 ★ 1
github.com/vaishnavucv/Project-Vuln-Detection-N-Mitigation_101 ★ 1
github.com/tomasmussi/activemq-cve-2023-46604 ★ 0
github.com/CrackerCat/ActiveMQ_RCE_Pro_Max ★ 0
github.com/vjayant93/CVE-2023-46604-POC ★ 0
github.com/thinkycx/activemq-rce-cve-2023-46604 ★ 0
github.com/mranv/honeypot.rs ★ 0
github.com/trnguyen03/activemq-ids-ips-lab ★ 0
github.com/cuanh2333/CVE-2023-46604 ★ 0
github.com/REGGYRAIDER/CVE-2023-46604-RCE ★ 0
github.com/CCIEVoice2009/CVE-2023-46604 ★ 0
github.com/aelshimony-cloud/OpenWire-CVE-2023-46604-Investigation ★ 0
github.com/pavanaa4k/CVE-2023-46604-LAB ★ 0
github.com/nitzanoligo/CVE-2023-46604-demo ★ 0
github.com/sangrok-jeon/CVE-2023-46604-Analysis ★ 0
github.com/mkdemir/activemq-lockbit-analysis ★ 0
github.com/Navya240/intel471-threat-hunting-cve-2023-46604 ★ 0
github.com/KlaasStessens/CVE-2023-46604 ★ 0
github.com/dcm2406/CVE-2023-46604 ★ 0
github.com/Mudoleto/Broker_ApacheMQ ★ 0
cve_reference: packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html (unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
http://seclists.org/fulldisclosure/2024/Apr/18
https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html
https://lists.debian.org/debian-lts-announce/2024/10/msg00027.html
https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html
https://security.netapp.com/advisory/ntap-20231110-0010/
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46604
https://www.openwall.com/lists/oss-security/2023/10/27/5