The flaw, known as CVE-2023-46604, allows attackers to execute arbitrary shell commands by exploiting the serialized class types in the OpenWire protocol. The issue affects several versions of Apache ActiveMQ, but patches have been released.
The flaw, known as CVE-2023-46604, allows attackers to execute arbitrary shell commands by exploiting the serialized class types in the OpenWire protocol. The issue affects several versions of Apache ActiveMQ, but patches have been released.