diff --git a/javascript/cves/2023/CVE-2023-46604.yaml b/javascript/cves/2023/CVE-2023-46604.yaml index 1958a26c47..87c1b17806 100644 --- a/javascript/cves/2023/CVE-2023-46604.yaml +++ b/javascript/cves/2023/CVE-2023-46604.yaml @@ -6,7 +6,7 @@ info: severity: critical description: | Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. - Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue. + Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue. reference: - http://www.openwall.com/lists/oss-security/2023/10/27/5 - https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt @@ -48,7 +48,7 @@ javascript: packet+=(b.WriteString(exploit_xml)).Hex() conn.SendHex(packet); resp = conn.RecvString() - randomvar + randomvar args: Host: "{{Host}}"