cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-23321,https://securityvulnerability.io/vulnerability/CVE-2024-23321,Sensitive Information Exposure Risk in RocketMQ,"The vulnerability presents a significant risk for RocketMQ versions 5.2.0 and earlier, where unauthorized actors may acquire sensitive information despite the application's authentication and authorization functionalities. An attacker with regular user privileges or who is valid on the IP whitelist could exploit specific interfaces to obtain the administrator account and password. This breach could provide the attacker full control over the RocketMQ instance, contingent upon having access to the broker IP list. To alleviate these security concerns, it is imperative for users to upgrade to version 5.3.0 or higher and transition to RocketMQ ACL 2.0 for enhanced security measures.",Apache,Apache RocketMQ,8.8,HIGH,0.0007699999841861427,false,,false,false,false,,,false,false,,2024-07-22T09:24:15.807Z,0
CVE-2023-37582,https://securityvulnerability.io/vulnerability/CVE-2023-37582,Apache RocketMQ: Possible remote code execution when using the update configuration function,"The RocketMQ NameServer component is affected by a persistent remote command execution vulnerability. This issue arises when NameServer addresses are improperly exposed on the extranet without adequate permission verification. Attackers can leverage this flaw to exploit the update configuration function, potentially executing arbitrary commands as the system users under which RocketMQ operates. Users are strongly advised to upgrade their NameServer to version 5.1.2 or later for RocketMQ 5.x and to version 4.9.7 or later for RocketMQ 4.x to mitigate these risks.",Apache,Apache RocketMQ,9.8,CRITICAL,0.04820000007748604,false,,true,false,true,2023-07-14T12:22:45.000Z,true,false,false,,2023-07-12T10:15:00.000Z,0
CVE-2023-33246,https://securityvulnerability.io/vulnerability/CVE-2023-33246,RocketMQ Versions 5.1.0 and Below Vulnerable to Remote Command Execution,"CVE-2023-33246 is a critical vulnerability impacting Apache RocketMQ versions 5.1.0 and below, allowing remote command execution under certain conditions. This vulnerability is being exploited by the Muhstik DDoS botnet to infect servers and expand its scale. The flaw affects components like NameServer, Broker, and Controller, all of which are exposed to the extranet and lack permission verification, enabling attackers to execute arbitrary commands in the system. Exploitation of the vulnerability involves using the update configuration function or forging the RocketMQ protocol content. Once abused, attackers proceed to execute a shell script, resulting in the installation of the Muhstik malware. With over 5,000 vulnerable instances of Apache RocketMQ still exposed to the internet, it is crucial for organizations to upgrade to the latest version and safeguard their systems from potential threats.",Apache,Apache RocketMQ,9.8,CRITICAL,0.9721999764442444,true,2023-09-06T00:00:00.000Z,true,true,true,2023-08-29T20:17:34.000Z,true,false,false,,2023-05-24T15:15:00.000Z,0
CVE-2019-17572,https://securityvulnerability.io/vulnerability/CVE-2019-17572,,"In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation in the broker is turned on by default, an evil topic like “../../../../topic2020” is sent from rocketmq-client to the broker, a topic folder will be created in the parent directory in brokers, which leads to a directory traversal vulnerability. Users of the affected versions should apply one of the following: Upgrade to Apache RocketMQ 4.6.1 or later.",Apache,Apache RocketMQ,5.3,MEDIUM,0.0004799999878741801,false,,false,false,false,,,false,false,,2020-05-14T16:10:48.000Z,0