US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog
Security Affairs
SEPTEMBER 9, 2023
US CISA added critical vulnerability CVE-2023-33246 in Apache RocketMQ to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a critical flaw CVE-2023-33246 (CVSS score 9.8) affecting Apache RocketMQ to its Known Exploited Vulnerabilities Catalog. Several components of Apache RocketMQ, including NameServer, Broker, and Controller, are exposed to the extranet and lack permission verification.
Let's personalize your content