Rewterz Threat Advisory – Multiple Fortinet Products Vulnerabilities
October 29, 2023Rewterz Threat Advisory – Multiple IBM i Vulnerabilities
October 30, 2023Rewterz Threat Advisory – Multiple Fortinet Products Vulnerabilities
October 29, 2023Rewterz Threat Advisory – Multiple IBM i Vulnerabilities
October 30, 2023Severity
High
Analysis Summary
CVE-2023-46604
Apache ActiveMQ and ActiveMQ Legacy OpenWire Module could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the class types in the OpenWire protocol. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-46604
Affected Vendors
Apache
Affected Products
- Apache ActiveMQ 5.15.0
- Apache ActiveMQ 5.16.0
- Apache ActiveMQ 5.17.0
- Apache ActiveMQ 5.18.0
Remediation
Upgrade to the latest version of Apache ActiveMQ, available from the Apache Web site.