21.Globe RadiatingCode

Apache ActiveMQ is a messaging server that many organizations use across the world. The software has been actively developed since 2003, and it has a large user base.

A security vulnerability in the Apache ActiveMQ software was recently discovered, allowing attackers to control the server and potentially spread malware throughout an organization's network.

 

This vulnerability was disclosed on October 27, 2023, and patches were released on October 28, 2023. All impacted users should update to the following versions as soon as possible:

  • 5.15.16
  • 5.16.7
  • 5.17.6
  • 5.18.3

If updating isn’t feasible, users should block OpenWire access from the Internet to mitigate risk. Check out the article linked below for more details on this threat and how to protect against it.