Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-32114— Apache ActiveMQ: Jolokia and REST API were not secured with default configuration

CVSS 8.5 · High EPSS 72.63% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-32114

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Apache ActiveMQ: Jolokia and REST API were not secured with default configuration
Source: NVD (National Vulnerability Database)
Vulnerability Description
In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context (where the Jolokia JMX REST API and the Message REST API are located). It means that anyone can use these layers without any required authentication. Potentially, anyone can interact with the broker (using Jolokia JMX REST API) and/or produce/consume messages or purge/delete destinations (using the Message REST API). To mitigate, users can update the default conf/jetty.xml configuration file to add authentication requirement: <bean id="securityConstraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">   <property name="constraint" ref="securityConstraint" />   <property name="pathSpec" value="/" /> </bean> Or we encourage users to upgrade to Apache ActiveMQ 6.1.2 where the default configuration has been updated with authentication by default.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
不安全的默认资源初始化
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apache ActiveMQ 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apache ActiveMQ是美国阿帕奇(Apache)基金会的一套开源的消息中间件,它支持Java消息服务、集群、Spring Framework等。 Apache ActiveMQ 6.x版本存在安全漏洞,该漏洞源于默认配置无法保护 API Web 环境。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
Apache Software FoundationApache ActiveMQ 6.0.0 ~ 6.1.1 -

II. Public POCs for CVE-2024-32114

#POC DescriptionSource LinkShenlong Link
1https://github.com/vulhub/vulhub/blob/master/activemq/CVE-2024-32114/README.mdPOC Details
2Nonehttps://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/Apache%20ActiveMQ%20Jolokia%20API%20%E6%9C%AA%E6%8E%88%E6%9D%83%E8%AE%BF%E9%97%AE%E6%BC%8F%E6%B4%9E%20CVE-2024-32114.mdPOC Details
3Apache ActiveMQ 6.x contains an unauthenticated API web context caused by default configuration lacking security measures in the Jetty server, letting anyone interact with broker APIs and messaging layers, exploit requires no authentication. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-32114.yamlPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-32114

登录查看更多情报信息。

IV. Related Vulnerabilities

Same product: Apache ActiveMQ
Same vendor: Apache Software Foundation
Same weakness: CWE-1188

V. Comments for CVE-2024-32114

No comments yet

Leave a comment