adding reference + tags

http/cves/2023/CVE-2023-46604.yaml

@@ -1,15 +1,18 @@
 id: CVE-2023-46604
 
 info:
-  name: Apache ActiveMQ CVE-2023-46604 RCE
+  name: Apache ActiveMQ - Remote Code Execution
   author: Ice3man,Mzack9999,pdresearch
   severity: critical
-  description: |-
+  description: |
     Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.
     Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.
   reference:
     - http://www.openwall.com/lists/oss-security/2023/10/27/5
     - https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
+    - https://github.com/X1r0z/ActiveMQ-RCE
+    - https://attackerkb.com/topics/IHsgZDE3tS/cve-2023-46604/rapid7-analysis?referrer=etrblog
+    - https://paper.seebug.org/3058/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
     cvss-score: 10
@@ -18,7 +21,9 @@ info:
     epss-score: 0.00053
     epss-percentile: 0.19228
   metadata:
+    verified: true
     shodan-query: 'product:"ActiveMQ OpenWire Transport"'
+  tags: cve,cve2023,rce,apache,activemq,deserialization
 
 variables:
   prefix: "1f00000000000000000001010042"