March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – APT Group Gamaredon aka Shuckworm – Active IOCs
November 29, 2023Rewterz Threat Advisory – CVE-2023-49145 – Apache NiFi Vulnerability
November 29, 2023Rewterz Threat Alert – APT Group Gamaredon aka Shuckworm – Active IOCs
November 29, 2023Rewterz Threat Advisory – CVE-2023-49145 – Apache NiFi Vulnerability
November 29, 2023
Severity
High
Analysis Summary
CVE-2022-41678
Apache ActiveMQ could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the Jolokia component. By sending specially crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2022-41678
Affected Vendors
Apache
Affected Products
- Apache ActiveMQ 5.16.0
- Apache ActiveMQ 5.17.0
Remediation
Upgrade to the latest version of Apache ActiveMQ, available from the Apache Web site.