CVE-2023-33246

Source
https://cve.org/CVERecord?id=CVE-2023-33246
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-33246.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-33246
Aliases
Published
2023-05-24T15:15:09.553Z
Modified
2026-04-10T04:58:10.696373Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. 

Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content. 

To prevent these attacks, users are recommended to upgrade to version 5.1.1 or above for using RocketMQ 5.x or 4.9.6 or above for using RocketMQ 4.x .

References

Affected packages

Git / github.com/apache/rocketmq

Affected ranges

Type
GIT
Repo
https://github.com/apache/rocketmq
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Introduced
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.9.6"
        },
        {
            "introduced": "5.0.0"
        },
        {
            "fixed": "5.1.1"
        }
    ]
}

Affected versions

rocketmq-all-4.*
rocketmq-all-4.2.0
rocketmq-all-4.4.0
rocketmq-all-4.5.1
rocketmq-all-4.5.2
rocketmq-all-4.6.0
rocketmq-all-4.6.1
rocketmq-all-4.7.0
rocketmq-all-4.7.1
rocketmq-all-4.8.0
rocketmq-all-4.9.0
rocketmq-all-4.9.1
rocketmq-all-4.9.2
rocketmq-all-4.9.3
rocketmq-all-4.9.4
rocketmq-all-4.9.5
rocketmq-all-5.*
rocketmq-all-5.1.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-33246.json"