{"cve":{"cve_id":"CVE-2023-46604","is_kev":true,"kev_date_added":"2023-11-02","kev_vendor_project":"Apache","kev_product":"ActiveMQ","kev_vulnerability_name":"Apache ActiveMQ Deserialization of Untrusted Data Vulnerability","kev_short_description":"Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with network access to a broker to run shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.","kev_required_action":"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","kev_due_date":"2023-11-23","kev_known_ransomware":true,"kev_notes":"https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt; https://nvd.nist.gov/vuln/detail/CVE-2023-46604","kev_cwes":["CWE-502"],"epss_score":0.99654,"epss_percentile":0.99947,"epss_as_of":"2026-06-23","description":"The Java OpenWire protocol marshaller is vulnerable to Remote Code \nExecution. This vulnerability may allow a remote attacker with network \naccess to either a Java-based OpenWire broker or client to run arbitrary\n shell commands by manipulating serialized class types in the OpenWire \nprotocol to cause either the client or the broker (respectively) to \ninstantiate any class on the classpath.\n\nUsers are recommended to upgrade\n both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 \nwhich fixes this issue.","published_at":"2023-10-27T14:59:31.046000Z","last_modified_at":null,"cvss_v3_score":10.0,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H","cvss_v3_severity":"CRITICAL","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"active","ssvc_automatable":true,"ssvc_technical_impact":"total","cwes":["CWE-502"],"nvd_references":["https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt","https://www.openwall.com/lists/oss-security/2023/10/27/5","https://security.netapp.com/advisory/ntap-20231110-0010/","https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html","https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html","http://seclists.org/fulldisclosure/2024/Apr/18"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:31.350578Z","updated_at":"2026-06-29T01:39:28.500535Z"},"effective_severity":"CRITICAL","badges":["kev","ransomware","poc","epss"],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"C","value_label":"Changed"},{"metric":"C","name":"Confidentiality","value":"L","value_label":"Low"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"apache-software-foundation","vendor_name":"Apache Software Foundation","product_slug":"apache-activemq","product_name":"Apache ActiveMQ","version_start":"5.18.0","version_start_inclusive":true,"version_end":"5.18.3","version_end_inclusive":false,"cpe23_uri":"cve5:apache-software-foundation:apache-activemq:5.18.0:5.18.3"},{"vendor_slug":"apache-software-foundation","vendor_name":"Apache Software Foundation","product_slug":"apache-activemq","product_name":"Apache ActiveMQ","version_start":"5.17.0","version_start_inclusive":true,"version_end":"5.17.6","version_end_inclusive":false,"cpe23_uri":"cve5:apache-software-foundation:apache-activemq:5.17.0:5.17.6"},{"vendor_slug":"apache-software-foundation","vendor_name":"Apache Software Foundation","product_slug":"apache-activemq","product_name":"Apache ActiveMQ","version_start":"5.16.0","version_start_inclusive":true,"version_end":"5.16.7","version_end_inclusive":false,"cpe23_uri":"cve5:apache-software-foundation:apache-activemq:5.16.0:5.16.7"},{"vendor_slug":"apache-software-foundation","vendor_name":"Apache Software Foundation","product_slug":"apache-activemq","product_name":"Apache ActiveMQ","version_start":"0","version_start_inclusive":true,"version_end":"5.15.16","version_end_inclusive":false,"cpe23_uri":"cve5:apache-software-foundation:apache-activemq:0:5.15.16"},{"vendor_slug":"apache-software-foundation","vendor_name":"Apache Software Foundation","product_slug":"apache-activemq-legacy-openwire-module","product_name":"Apache ActiveMQ Legacy OpenWire Module","version_start":"5.18.0","version_start_inclusive":true,"version_end":"5.18.3","version_end_inclusive":false,"cpe23_uri":"cve5:apache-software-foundation:apache-activemq-legacy-openwire-module:5.18.0:5.18.3"},{"vendor_slug":"apache-software-foundation","vendor_name":"Apache Software Foundation","product_slug":"apache-activemq-legacy-openwire-module","product_name":"Apache ActiveMQ Legacy OpenWire Module","version_start":"5.17.0","version_start_inclusive":true,"version_end":"5.17.6","version_end_inclusive":false,"cpe23_uri":"cve5:apache-software-foundation:apache-activemq-legacy-openwire-module:5.17.0:5.17.6"},{"vendor_slug":"apache-software-foundation","vendor_name":"Apache Software Foundation","product_slug":"apache-activemq-legacy-openwire-module","product_name":"Apache ActiveMQ Legacy OpenWire Module","version_start":"5.16.0","version_start_inclusive":true,"version_end":"5.16.7","version_end_inclusive":false,"cpe23_uri":"cve5:apache-software-foundation:apache-activemq-legacy-openwire-module:5.16.0:5.16.7"},{"vendor_slug":"apache-software-foundation","vendor_name":"Apache Software Foundation","product_slug":"apache-activemq-legacy-openwire-module","product_name":"Apache ActiveMQ Legacy OpenWire Module","version_start":"5.8.0","version_start_inclusive":true,"version_end":"5.15.16","version_end_inclusive":false,"cpe23_uri":"cve5:apache-software-foundation:apache-activemq-legacy-openwire-module:5.8.0:5.15.16"}],"exploit_refs":[{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/javascript/cves/2023/CVE-2023-46604.yaml","title":"Apache ActiveMQ - Remote Code Execution","author":"Ice3man,Mzack9999,pdresearch","disclosed_at":null}],"news":[],"references":[{"url":"https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://www.openwall.com/lists/oss-security/2023/10/27/5","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"https://security.netapp.com/advisory/ntap-20231110-0010/","source_type":"MISC","tags":[]},{"url":"https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://seclists.org/fulldisclosure/2024/Apr/18","source_type":"MAILING_LIST","tags":["mailing-list"]}],"timeline":[{"type":"published","at":"2023-10-27T14:59:31.046000Z","label":"CVE published","source":null},{"type":"cisa_reported","at":"2023-11-02T00:00:00Z","label":"Added to CISA KEV catalog","source":"kev"},{"type":"poc_available","at":"2026-06-24T00:29:48.638073Z","label":"Public PoC available","source":"nuclei"},{"type":"cvss_changed","at":"2026-06-28T17:30:27.310763Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:30:27.310763Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:30:27.310763Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T01:39:28.500535Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:39:28.500535Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:39:28.500535Z","label":"SSVC decision revised","source":"vulnrichment"}]}