Flaw in Apache ActiveMQ Exposes Linux Systems to Kinsing Malware
Identified as CVE-2023-46604, the vulnerability has a CVSS score of 9.8
Apache web servers and related projects matter to cybersecurity because vulnerabilities, configuration errors, and exposed services can enable attacks.
Search across headline titles and summaries.
Background for this topic.
Apache HTTP Server is a widely used open-source web server software that delivers web content by handling client requests over the internet. It supports extensibility through modules that enable features like URL rewriting, authentication, and SSL/TLS encryption. Apache’s configuration flexibility and broad adoption make it a common platform for hosting websites and web applications.
Security risks with Apache often stem from outdated software versions and misconfigurations, which can expose vulnerabilities such as remote code execution, directory traversal, and denial-of-service attacks. Defenders should apply security patches promptly, enable modules like mod_security for web application firewall capabilities, and restrict access permissions carefully. Regular log monitoring is essential to detect suspicious activity, making Apache a critical focus for vulnerability management and web server hardening efforts.
Identified as CVE-2023-46604, the vulnerability has a CVSS score of 9.8
Active exploit of the critical RCE flaw targets Linux systems to achieve full system compromise.
The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits
The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems. [...]
We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner.