Apache RocketMQ: Possible remote code execution when using the update configuration function
CVE-2023-37582

9.8 CRITICAL

Key Information:

Vendor:
Apache
CVE Published:
12 July 2023

Badges

Exploit Exists | Public PoC | News Worthy

Summary

The RocketMQ NameServer component remains affected by a remote command execution vulnerability. The precondition is a NameServer address that is reachable from the extranet without permission verification: an attacker who can reach it can abuse the update configuration function to execute arbitrary commands as the system user that RocketMQ runs as. Users are strongly advised to upgrade NameServer to version 5.1.2 or later for RocketMQ 5.x, or to version 4.9.7 or later for RocketMQ 4.x. Until the upgrade is in place, the NameServer listener should not be reachable from untrusted networks.

Affected Version(s)

Apache RocketMQ 5.x: 5.0.0 through 5.1.1 (fixed in 5.1.2)

Apache RocketMQ 4.x and earlier: all releases up to and including 4.9.6 (fixed in 4.9.7)
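The two facts a practitioner needs to act on this advisory are whether a given NameServer build falls inside the affected ranges above and whether its listener is reachable from outside the host. The following triage helper, an added example that is not part of this page or of Apache RocketMQ, encodes exactly those two checks. The version ranges and fixed releases are taken from the advisory text; the NameServer port 9876 is RocketMQ's default and is assumed here, and the sample addresses at the bottom are constructed.

```python
"""Offline triage helper for CVE-2023-37582: is this RocketMQ NameServer
on an affected release, and is its listener reachable from outside the host?

Added example, not part of the advisory or of Apache RocketMQ. The version
ranges and fixed releases come from the advisory text; the NameServer port
9876 is RocketMQ's default and is assumed here.
"""
import ipaddress
import re
from typing import Dict, List, Optional, Tuple

# Fixed releases named by the advisory: 4.x users go to 4.9.7, 5.x users to 5.1.2.
FIXED_4X: Tuple[int, int, int] = (4, 9, 7)
FIXED_5X: Tuple[int, int, int] = (5, 1, 2)
DEFAULT_NAMESRV_PORT = 9876  # assumed RocketMQ default NameServer port


def parse_version(version: str) -> Tuple[int, int, int]:
    """Parse 'major.minor.patch', tolerating a leading 'v' and a suffix such as '-SNAPSHOT'."""
    m = re.fullmatch(r"\s*v?(\d+)\.(\d+)\.(\d+)(?:[-+].*)?\s*", version)
    if not m:
        raise ValueError(f"unrecognised RocketMQ version: {version!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return major, minor, patch


def is_affected(version: str) -> bool:
    """True for 5.0.0..5.1.1 and for every release up to 4.9.6 (the advisory's ranges)."""
    v = parse_version(version)
    if v[0] == 5:
        return v < FIXED_5X
    if v[0] < 5:
        return v < FIXED_4X
    return False  # later major lines are outside the stated ranges


def recommended_upgrade(version: str) -> Optional[str]:
    """Minimum fixed release on the same major line, or None if already fixed."""
    if not is_affected(version):
        return None
    return "5.1.2" if parse_version(version)[0] == 5 else "4.9.7"


def exposure_class(namesrv_addr: str) -> str:
    """Classify a 'host:port' NameServer address as loopback, private, public or hostname.

    The advisory's precondition is a NameServer reachable from the extranet, so a
    'public' listener on an affected build is the case to fix first.
    """
    host, sep, _port = namesrv_addr.rpartition(":")
    if not sep:
        host = namesrv_addr  # no port given; the default port 9876 is assumed
    host = host.strip("[]")  # bracketed IPv6 literal such as [::1]
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "hostname"  # needs DNS to decide; cannot be resolved offline
    if ip.is_loopback:
        return "loopback"
    if ip.is_private or ip.is_link_local:
        return "private"
    return "public"


def triage(version: str, namesrv_addrs: List[str]) -> Dict[str, object]:
    """Combine the version and exposure checks into one finding for a deployment."""
    affected = is_affected(version)
    exposed = [a for a in namesrv_addrs if exposure_class(a) == "public"]
    return {
        "version": version,
        "affected": affected,
        "upgrade_to": recommended_upgrade(version),
        "publicly_exposed_namesrv": exposed,
        "urgent": affected and bool(exposed),
    }


if __name__ == "__main__":
    # Constructed sample: one loopback, one RFC 1918, one arbitrary public and one IPv6 loopback listener.
    sample = ["127.0.0.1:9876", "10.0.0.5:9876", "8.8.8.8:9876", "[::1]:9876"]
    print(triage("4.9.6", sample))
```

The `hostname` class is deliberate: an address given as a DNS name cannot be judged offline, so it should be resolved and re-checked rather than silently treated as safe. A `public` listener on an affected build is the combination the advisory describes and is flagged as `urgent`.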

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which can lead to ransomware.

News Articles

CVE-2023-37582: Apache RocketMQ Remote Command Execution Vulnerability

On July 17, 2023, Sangfor FarSight Labs received notification about a remote command execution vulnerability in Apache RocketMQ, CVE-2023-37582.


CVSS v3.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • First article discovered by Sangfor
  • Public PoC available
  • Exploit known to exist
  • Vulnerability published
  • Vulnerability reserved
