10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
10 High
AI Score
Confidence
High
0.964 High
EPSS
Percentile
99.6%
The remote host contains an Apache ActiveMQ version that is prior to 5.15.16, 5.16.7, 5.17.6, or 5.18.3. It is, therefore, affected by a remote code execution vulnerability. A remote attacker can exploit this and load the malicious XML of their choice from any URL and perform remote code execution.
Binary data activemq_CVE-2023-46604.nbin
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
10 High
AI Score
Confidence
High
0.964 High
EPSS
Percentile
99.6%