Public Notices

Apache RocketMQ Remote Code Execution Vulnerability

Oct 30, 2023 GMT+08:00

1.Overview

Recently, Apache ActiveMQ released a new version which has fixed a remote code execution vulnerability. A remote attacker with access to the Apache ActiveMQ server TCP port (default: 61616) can execute arbitrary code by sending malicious data to the server. Successful exploitation of this vulnerability can cause remote code execution and gain control of the target server. This vulnerability has been exploited in the wild, and the risk is high.

Apache ActiveMQ is the most popular open source, multi-protocol, Java-based message broker that offers the power and flexibility to support any messaging use-case. If you are an Apache ActiveMQ user, check your versions and implement timely security hardening.

Reference:

https://github.com/apache/activemq/tags

https://github.com/apache/activemq/compare/activemq-5.18.2...activemq-5.18.3

2.Severity

important

(Severity: low, moderate, important, and critical)

3.Affected Products

Affected versions:

Apache ActiveMQ < 5.18.3

Apache ActiveMQ < 5.17.6

Apache ActiveMQ < 5.16.7

Apache ActiveMQ < 5.15.16

Secure versions:

Apache ActiveMQ >= 5.18.3

Apache ActiveMQ >= 5.17.6

Apache ActiveMQ >= 5.16.7

Apache ActiveMQ >= 5.15.16

4.Vulnerability Handling

This vulnerability has been fixed in later official versions. If your service version falls into the affected range, upgrade it to a latest secure version.

https://github.com/apache/activemq/tags

Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.

5.Technical Support

Get more professional support at any time

Email: GlobalTechnicalService@iwhalecloud.com