BACK TO INTEL

Archives

Classification

Clear Filter
Application Security
Cloud Infrastructure
Enterprise Infrastructure
Enterprise IT Infrastructure
Enterprise Networking
Enterprise Security
Enterprise Software
ERP
Information Technology
Infrastructure
Fortinet FortiOS
Ivanti Sentry
Messaging & Integration
Insecure Deserialization
Network Security
Operating Systems
Infrastructure Security
Microsoft
Network Appliances
Network Infrastructure
Network Security
Networking
Open Source
Operating Systems
Software
Software Development
Software Security
Technology
Virtualization
Vulnerability
Web Hosting
Web Security
Windows Ecosystem

FeedInsecure Deserialization

Verified advisories, vulnerability disclosures, and architectural research.

CVE-2023-46604

CVE-2023-46604: Critical RCE in Apache ActiveMQ via OpenWire Deserialization

Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with network access to a broker to run shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.

ActiveMQ
View Detail