New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar
New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar
15 November 2023
Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory.
Tracked as CVE-2023-46604 (CVSS score: 10.0), the vulnerability is a remote code execution bug that could permit a threat actor to run arbitrary shell commands.
It was patched by Apache in ActiveMQ versions 5.15.16, 5.16.7, 5.17.6,