
CVE-2023-46604 Report - Details, Severity, & Advisories

Twingate Team

May 30, 2024

What is CVE-2023-46604?

A critical vulnerability, CVE-2023-46604, has been identified in the Java OpenWire protocol marshaller, affecting both brokers and clients using the Java-based OpenWire protocol. This vulnerability allows a remote attacker with network access to execute arbitrary shell commands by manipulating serialized class types in the OpenWire protocol. The issue impacts various systems, including Apache ActiveMQ and OX App Suite deployments. To mitigate this vulnerability, users are advised to upgrade their systems to the appropriate fixed versions.

Who is impacted by CVE-2023-46604?

Affected versions include Apache ActiveMQ 5.8.0 to 5.18.0 (excluding 5.15.16, 5.16.7, 5.17.6, and 5.18.3), Apache ActiveMQ Legacy OpenWire Module 5.8.0 to 5.18.0 (excluding 5.15.16, 5.16.7, 5.17.6, and 5.18.3), OX App Suite frontend 7.10.6-rev40, 8.20, 8.21, 8.22, and OX App Suite office 7.10.6-rev11, 7.10.6-rev12. This vulnerability allows a remote attacker to execute arbitrary shell commands by manipulating serialized class types in the OpenWire protocol.

What should I do if I’m affected?

If you're affected by the CVE-2023-46604 vulnerability, it's crucial to take action to protect your systems. To mitigate this vulnerability, follow these steps:

  1. Upgrade your Apache ActiveMQ brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3.

  2. For OX App Suite users, deploy the provided updates and patch releases for the affected frontend and office components.

  3. Monitor security advisories and updates from your software vendors to stay informed about any new developments related to this vulnerability.
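The upgrade step above is only actionable once you know which brokers and clients in an inventory still run an affected build. The following triage helper is an added example, not Twingate's or the Apache ActiveMQ project's code; it encodes the affected range (5.8.0 up to the 5.18 line) and the four fixed releases named in this report, and it assumes, as its own reading of those numbers, that a version is affected when it lies in that range and is older than the fixed release of its own minor line (lines 5.8 through 5.14 have no same-line fix, so the smallest listed fix, 5.15.16, is the target). Hostnames and versions in the sample inventory are constructed.

```python
"""Version triage for CVE-2023-46604 (Apache ActiveMQ OpenWire deserialization).

Added example, not the vendor's code. Affected range and fixed releases come
from the report above; the per-minor-line rule is this example's assumption.
"""
from __future__ import annotations

import re
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]

# Fixed releases named in the report, keyed by minor line.
FIXED_BY_MINOR = {15: (5, 15, 16), 16: (5, 16, 7), 17: (5, 17, 6), 18: (5, 18, 3)}
FIRST_AFFECTED: Version = (5, 8, 0)   # report: affected from 5.8.0
LAST_AFFECTED_MINOR = 18              # report: affected through the 5.18 line

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Version:
    """Parse '5.15.16' or '5.18.2-SNAPSHOT' into an int tuple; reject anything else."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised ActiveMQ version string: {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)))


def recommended_target(v: Version) -> Version:
    """Smallest fixed release from the report that is >= v.

    Lines without a same-line fix (5.8 to 5.14) therefore map to 5.15.16.
    """
    for minor in sorted(FIXED_BY_MINOR):
        fixed = FIXED_BY_MINOR[minor]
        if fixed >= v:
            return fixed
    return FIXED_BY_MINOR[LAST_AFFECTED_MINOR]  # not reached inside the affected range


def triage(version_text: str) -> dict:
    """Return {'version', 'affected', 'target'} for one broker or client version.

    affected is True when the version is in the 5.8.0..5.18.x range and older
    than the fixed release of its minor line (assumption stated in the docstring).
    """
    v = parse_version(version_text)
    major, minor, _ = v
    in_range = v >= FIRST_AFFECTED and major == 5 and minor <= LAST_AFFECTED_MINOR
    fixed: Optional[Version] = FIXED_BY_MINOR.get(minor)
    if not in_range or (fixed is not None and v >= fixed):
        return {"version": version_text, "affected": False, "target": None}
    target = ".".join(str(part) for part in recommended_target(v))
    return {"version": version_text, "affected": True, "target": target}


def triage_inventory(lines: List[str]) -> List[dict]:
    """Run triage over inventory lines of the form '<host> <version>'."""
    results = []
    for line in lines:
        host, version = line.split()
        result = triage(version)
        result["host"] = host
        results.append(result)
    return results


# Constructed sample inventory; hostnames and versions are made up.
SAMPLE_INVENTORY = [
    "mq-prod-01 5.18.2",   # in range, below 5.18.3 -> upgrade to 5.18.3
    "mq-prod-02 5.18.3",   # fixed release named in the report
    "mq-legacy  5.11.1",   # no same-line fix -> upgrade to 5.15.16
    "mq-new     5.19.0",   # outside the range the report lists
]

if __name__ == "__main__":
    for r in triage_inventory(SAMPLE_INVENTORY):
        state = f"AFFECTED -> upgrade to {r['target']}" if r["affected"] else "not affected"
        print(f"{r['host']:<12} {r['version']:<8} {state}")
```

Feed it the output of whatever inventory source you already have (a CMDB export, `jar` manifests, package lists); the point is that the check keys on the fixed release of each minor line rather than on the single upper bound 5.18.0 quoted in the affected range, so a 5.18.2 broker is still flagged.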

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-46604 vulnerability, also known as "Apache ActiveMQ Deserialization of Untrusted Data Vulnerability," is indeed present in CISA's Known Exploited Vulnerabilities Catalog. It was added on November 2, 2023, with a due date of November 23, 2023. The required action is to apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-502, which involves deserialization of untrusted data in the Java OpenWire protocol marshaller, affecting systems like Apache ActiveMQ and OX App Suite.

Learn More

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, visit the NVD page or refer to the sources below.

