Hackers target Apache RocketMQ servers vulnerable to RCE attacks

Every day, hundreds of IP addresses that scan for or try to attack Apache RocketMQ services vulnerable to remote command execution flaws CVE-2023-33246 and CVE-2023-37582 are discovered by security experts.

Both vulnerabilities pertain to an issue that persisted after the vendor’s original fix in May 2023 and have a critical severity ranking. The security flaw initially affected several components, including NameServer, Broker, and Controller, and was tagged as CVE-2023-33246. An incomplete remedy for the NameServer component of RocketMQ was issued by Apache, and it was still applicable to versions 5.1 and lower of the distributed messaging and streaming platform.

Hackers target Apache RocketMQ servers vulnerable to RCE attacks

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Hackers target Apache RocketMQ servers vulnerable to RCE attacks

05-Jan-24

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address