Apache RocketMQ - Remote Code Execution (CVE-2023-33246)
- Severity
- CVSSv3 Score
- 9.8
- Vulnerability description
RocketMQ 5.x up to and including 5.1.0, and 4.x up to and including 4.9.5, are vulnerable to CVE-2023-33246, a Remote Code Execution vulnerability in the Broker component of Apache RocketMQ. The root cause is that the Broker's remoting interface (TCP port 10911 by default) is frequently exposed to the Internet or other untrusted networks and performs no authentication or authorization on administrative commands; the NameServer and Controller components share the same missing permission verification. An unauthenticated remote attacker can use the update configuration function to push attacker-controlled configuration values, which the Broker later concatenates into a shell command, and so execute arbitrary commands as the operating-system user that RocketMQ runs as.
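To confirm the root cause from the network, the check below speaks just enough of the RocketMQ remoting protocol to send the read-only GET_BROKER_CONFIG command and parse the answer: a Broker that hands its configuration to an anonymous client is exposing the same unauthenticated admin path the CVE abuses. This is an added example for this advisory, not Pentest-Tools or Apache RocketMQ code. It assumes the RemotingCommand frame layout (4-byte length prefix, one serialize-type byte plus 3-byte header length, JSON header, body), request code 26 for GET_BROKER_CONFIG, response code 0 for success, and a "key=value" line format for the response body; the hostname and port in the usage line are placeholders and any sample data used to exercise it offline is constructed.

```python
"""Minimal RocketMQ remoting client: does the broker answer admin requests
without authentication? Added example, not Apache RocketMQ or Pentest-Tools code.
Assumed wire format of RemotingCommand:
  [4B total length after this field][1B serialize type | 3B header length][JSON header][body]
"""
import json
import socket
import struct

GET_BROKER_CONFIG = 26   # assumed RequestCode.GET_BROKER_CONFIG (read-only)
RESPONSE_SUCCESS = 0     # assumed ResponseCode.SUCCESS
SERIALIZE_JSON = 0       # header serialized as JSON
FLAG_RESPONSE = 0x1      # bit 0 of "flag" marks a response frame
MAX_FRAME = 16 * 1024 * 1024


def encode_frame(code, opaque=1, flag=0, ext_fields=None, body=b""):
    """Build one frame. 'opaque' is the request id the broker echoes back."""
    header = {"code": code, "language": "JAVA", "version": 0,
              "opaque": opaque, "flag": flag, "extFields": ext_fields or {}}
    header_bytes = json.dumps(header, separators=(",", ":")).encode()
    if len(header_bytes) > 0xFFFFFF:
        raise ValueError("header too large for 3-byte length field")
    length_field = (SERIALIZE_JSON << 24) | len(header_bytes)
    total = 4 + len(header_bytes) + len(body)
    return struct.pack(">II", total, length_field) + header_bytes + body


def decode_frame(data):
    """Parse one frame -> (header dict, body bytes, bytes consumed).
    Truncated, oversized or non-JSON frames raise instead of being guessed at."""
    if len(data) < 8:
        raise ValueError("frame shorter than the two length fields")
    total, length_field = struct.unpack(">II", data[:8])
    if total < 4 or total > MAX_FRAME:
        raise ValueError("implausible frame length %d" % total)
    if len(data) < 4 + total:
        raise ValueError("truncated frame: need %d bytes, have %d" % (4 + total, len(data)))
    serialize_type, header_len = length_field >> 24, length_field & 0xFFFFFF
    if serialize_type != SERIALIZE_JSON:
        raise ValueError("unsupported header serialization %d" % serialize_type)
    if header_len > total - 4:
        raise ValueError("header length exceeds frame")
    header = json.loads(data[8:8 + header_len])
    return header, data[8 + header_len:4 + total], 4 + total


def parse_broker_config(body):
    """GET_BROKER_CONFIG returns the broker properties as 'key=value' lines (assumed)."""
    config = {}
    for line in body.decode("utf-8", errors="replace").splitlines():
        if "=" in line:
            key, _, value = line.partition("=")
            config[key.strip()] = value.strip()
    return config


def classify_response(header, body, expected_opaque=1):
    """True only if a response to our request succeeded and carried broker config."""
    if not header.get("flag", 0) & FLAG_RESPONSE:
        return False
    if header.get("opaque") != expected_opaque or header.get("code") != RESPONSE_SUCCESS:
        return False
    return "brokerName" in parse_broker_config(body)


def broker_admin_exposed(host, port=10911, timeout=5.0):
    """Live, read-only check: send GET_BROKER_CONFIG and see whether the broker answers."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(encode_frame(GET_BROKER_CONFIG, opaque=1))
        data = b""
        while len(data) < 4:                      # read the length prefix first
            chunk = sock.recv(4096)
            if not chunk:
                return False
            data += chunk
        total = struct.unpack(">I", data[:4])[0]
        while len(data) < 4 + total:              # then the rest of the frame
            chunk = sock.recv(4096)
            if not chunk:
                break
            data += chunk
    header, body, _ = decode_frame(data)
    return classify_response(header, body, expected_opaque=1)


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "broker.example.internal"  # placeholder host
    print("unauthenticated admin interface exposed:", broker_admin_exposed(target))
```

The check never sends UPDATE_BROKER_CONFIG, so it does not modify the target; a True result means the Broker served its configuration (brokerName, rocketmqHome and the rest) to an anonymous TCP client, which is exactly the condition the update-configuration path requires.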
- Risk description
An unauthenticated remote attacker could gain Remote Code Execution on the host, fully compromising the server; from there they could steal confidential information, deploy ransomware, or pivot into the internal network.
- Exploit capabilities
Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
- Recommendation
Update Apache RocketMQ to a fixed release: 5.1.1 or later on the 5.x branch, or 4.9.6 or later on the 4.x branch. Until the update is applied, do not expose the Broker (TCP 10911 by default) or NameServer (TCP 9876 by default) ports to the Internet; restrict them to trusted clients with a firewall.
- Codename
- Not available
- Detectable with
- Network Scanner
- Exploitable with Sniper
- Yes
- Vuln date
- May 2023
- Published at
- Updated at
- Software Type
- Distributed messaging and streaming platform
- Vendor
- Apache
- Product
- Apache RocketMQ