CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-50780

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could eventually allow an authenticated attacker to write arbitrary files to the filesystem and indirectly achieve RCE. Users are recommended to upgrade to version 2.29.0 or later, which fixes the issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.5%

CVSS Severity

CVSS v3 Score 8.8

References

Products affected by CVE-2023-50780

Apache » Activemq Artemis » Version: N/A

cpe:2.3:a:apache:activemq_artemis:-
Apache » Activemq Artemis » Version: 1.0.0

cpe:2.3:a:apache:activemq_artemis:1.0.0
Apache » Activemq Artemis » Version: 1.1.0

cpe:2.3:a:apache:activemq_artemis:1.1.0
Apache » Activemq Artemis » Version: 1.2.0

cpe:2.3:a:apache:activemq_artemis:1.2.0
Apache » Activemq Artemis » Version: 1.3.0

cpe:2.3:a:apache:activemq_artemis:1.3.0
Apache » Activemq Artemis » Version: 1.4.0

cpe:2.3:a:apache:activemq_artemis:1.4.0
Apache » Activemq Artemis » Version: 1.5.0

cpe:2.3:a:apache:activemq_artemis:1.5.0
Apache » Activemq Artemis » Version: 1.5.1

cpe:2.3:a:apache:activemq_artemis:1.5.1
Apache » Activemq Artemis » Version: 1.5.2

cpe:2.3:a:apache:activemq_artemis:1.5.2
Apache » Activemq Artemis » Version: 1.5.3

cpe:2.3:a:apache:activemq_artemis:1.5.3
Apache » Activemq Artemis » Version: 1.5.4

cpe:2.3:a:apache:activemq_artemis:1.5.4
Apache » Activemq Artemis » Version: 1.5.5

cpe:2.3:a:apache:activemq_artemis:1.5.5
Apache » Activemq Artemis » Version: 1.5.6

cpe:2.3:a:apache:activemq_artemis:1.5.6
Apache » Activemq Artemis » Version: 2.0.0

cpe:2.3:a:apache:activemq_artemis:2.0.0
Apache » Activemq Artemis » Version: 2.1.0

cpe:2.3:a:apache:activemq_artemis:2.1.0
Apache » Activemq Artemis » Version: 2.10.0

cpe:2.3:a:apache:activemq_artemis:2.10.0
Apache » Activemq Artemis » Version: 2.10.1

cpe:2.3:a:apache:activemq_artemis:2.10.1
Apache » Activemq Artemis » Version: 2.11.0

cpe:2.3:a:apache:activemq_artemis:2.11.0
Apache » Activemq Artemis » Version: 2.12.0

cpe:2.3:a:apache:activemq_artemis:2.12.0
Apache » Activemq Artemis » Version: 2.13.0

cpe:2.3:a:apache:activemq_artemis:2.13.0
Apache » Activemq Artemis » Version: 2.14.0

cpe:2.3:a:apache:activemq_artemis:2.14.0
Apache » Activemq Artemis » Version: 2.15.0

cpe:2.3:a:apache:activemq_artemis:2.15.0
Apache » Activemq Artemis » Version: 2.16.0

cpe:2.3:a:apache:activemq_artemis:2.16.0
Apache » Activemq Artemis » Version: 2.17.0

cpe:2.3:a:apache:activemq_artemis:2.17.0
Apache » Activemq Artemis » Version: 2.18.0

cpe:2.3:a:apache:activemq_artemis:2.18.0
Apache » Activemq Artemis » Version: 2.19.0

cpe:2.3:a:apache:activemq_artemis:2.19.0
Apache » Activemq Artemis » Version: 2.19.1

cpe:2.3:a:apache:activemq_artemis:2.19.1
Apache » Activemq Artemis » Version: 2.2.0

cpe:2.3:a:apache:activemq_artemis:2.2.0
Apache » Activemq Artemis » Version: 2.20.0

cpe:2.3:a:apache:activemq_artemis:2.20.0
Apache » Activemq Artemis » Version: 2.21.0

cpe:2.3:a:apache:activemq_artemis:2.21.0
Apache » Activemq Artemis » Version: 2.22.0

cpe:2.3:a:apache:activemq_artemis:2.22.0
Apache » Activemq Artemis » Version: 2.23.0

cpe:2.3:a:apache:activemq_artemis:2.23.0
Apache » Activemq Artemis » Version: 2.23.1

cpe:2.3:a:apache:activemq_artemis:2.23.1
Apache » Activemq Artemis » Version: 2.24.0

cpe:2.3:a:apache:activemq_artemis:2.24.0
Apache » Activemq Artemis » Version: 2.25.0

cpe:2.3:a:apache:activemq_artemis:2.25.0
Apache » Activemq Artemis » Version: 2.26.0

cpe:2.3:a:apache:activemq_artemis:2.26.0
Apache » Activemq Artemis » Version: 2.27.0

cpe:2.3:a:apache:activemq_artemis:2.27.0
Apache » Activemq Artemis » Version: 2.27.1

cpe:2.3:a:apache:activemq_artemis:2.27.1
Apache » Activemq Artemis » Version: 2.28.0

cpe:2.3:a:apache:activemq_artemis:2.28.0
Apache » Activemq Artemis » Version: 2.3.0

cpe:2.3:a:apache:activemq_artemis:2.3.0
Apache » Activemq Artemis » Version: 2.4.0

cpe:2.3:a:apache:activemq_artemis:2.4.0
Apache » Activemq Artemis » Version: 2.5.0

cpe:2.3:a:apache:activemq_artemis:2.5.0
Apache » Activemq Artemis » Version: 2.6.0

cpe:2.3:a:apache:activemq_artemis:2.6.0
Apache » Activemq Artemis » Version: 2.6.1

cpe:2.3:a:apache:activemq_artemis:2.6.1
Apache » Activemq Artemis » Version: 2.6.2

cpe:2.3:a:apache:activemq_artemis:2.6.2
Apache » Activemq Artemis » Version: 2.6.3

cpe:2.3:a:apache:activemq_artemis:2.6.3
Apache » Activemq Artemis » Version: 2.6.4

cpe:2.3:a:apache:activemq_artemis:2.6.4
Apache » Activemq Artemis » Version: 2.7.0

cpe:2.3:a:apache:activemq_artemis:2.7.0
Apache » Activemq Artemis » Version: 2.8.0

cpe:2.3:a:apache:activemq_artemis:2.8.0
Apache » Activemq Artemis » Version: 2.8.1

cpe:2.3:a:apache:activemq_artemis:2.8.1
Apache » Activemq Artemis » Version: 2.9.0

cpe:2.3:a:apache:activemq_artemis:2.9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-50780

Products

Pricing

Contact Us