What is CVE-2022-41678?

CVE-2022-41678 is a vulnerability in Apache Software Foundation Activemq, classified under Improper Authentication. Published 2023-11-28.

Is CVE-2022-41678 known to be exploited?

41 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Auth bypass in Apache Software Foundation Activemq

CVE-2022-41678

Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRe…

Vulnerability class: Broken Authentication

EPSS: 0.930 (99.8th percentile) — read the EPSS interpretation.

Affected products

Apache Software Foundation Activemq — versions 0, 5.17.0, 5.18.0

Weakness classification (CWE)

CWE-287 — Improper Authentication

Public proof-of-concept exploits

Catherines77/ActiveMQ-EXPtools
URJACK2025/CVE-2022-41678
mbadanoiu/CVE-2022-41678
20142995/sectool
ARPSyndicate/cve-scores
AboSteam/POPC
DMW11525708/wiki
DawnT0wn/Learning-History
J1ezds/Vulnerability-Wiki-page
Lern0n/Lernon-POC

References

activemq.apache.org/security-advisories.data/CVE-2022-41678-announcement.txt (vendor-advisory)
lists.apache.org/thread/7g17kwbtjl011mm4tr8bn1vnoq9wh4sl (vendor-advisory)
www.openwall.com/lists/oss-security/2023/11/28/1
security.netapp.com/advisory/ntap-20240216-0004/

Frequently asked questions

What is CVE-2022-41678?: CVE-2022-41678 is a vulnerability in Apache Software Foundation Activemq, classified under Improper Authentication. Published 2023-11-28.
Is CVE-2022-41678 known to be exploited?: 41 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.