"CVE-2026-34197 is a remote code execution vulnerability in Apache ActiveMQ Classic that has been hiding in plain sight for 13 years. An attacker can invoke a management operation through ActiveMQ's Jolokia API to trick the broker into fetching a remote configuration file and running arbitrary OS commands."
"The vulnerability requires credentials, but default credentials are common in many environments. This makes initial access trivial, especially since certain versions expose the Jolokia API without authentication entirely."
CISA has identified a critical vulnerability in Apache ActiveMQ, tracked as CVE-2026-34197, which allows authenticated users to execute arbitrary code. This bug has existed for over a decade and was recently disclosed by a researcher. Federal agencies must patch their systems by April 30 under a Binding Operational Directive. The vulnerability can be exploited through the Jolokia management API, and many deployments use default credentials, making them particularly vulnerable. Patches are available in the latest ActiveMQ versions.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]