Ctrl + K
/ news / CVE
CVEPublished 2024-05-023 articles on news6 live referencesNVD data

CVE-2024-32114

Vulnerability data via CVEDB (Shodan)

CVSS v3.1
8.5
HIGH
EPSS percentile
92
Exploit Prediction Scoring System · top 8% of all CVEs
Description

In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context (where the Jolokia JMX REST API and the Message REST API are located). It means that anyone can use these layers without any required authentication. Potentially, anyone can interact with the broker (using Jolokia JMX REST API) and/or produce/consume messages or purge/delete destinations (using the Message REST API). To mitigate, users can update the default conf/jetty.xml configuration file to add authentication requirement: <bean id="securityConstraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">   <property name="constraint" ref="securityConstraint" />   <property name="pathSpec" value="/" /> </bean> Or we encourage users to upgrade to Apache ActiveMQ 6.1.2 where the default configuration has been updated with authentication by default.

Timeline
Published 2024-05-02

External references

NVDMITREExploit-DBSploitustrickest/cveVulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts
vuln:CVE-2024-32114
Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · product + version
product:"Apache Activemq" version:"6.0.0"
Version-pinned fingerprint from NVD's first vulnerable CPE.
Shodan · banner/body mention
http.html:"Activemq"
HTTP body or banner mentions "Activemq" — catches deploys Shodan didn't identify as a product.
More intel sources (5)
Shodan report
vuln:CVE-2024-32114
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2024-32114
Censys host search filtered to this CVE id.
grep.app
CVE-2024-32114
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2024-32114
GitHub code search for direct mentions.
Google dork
"CVE-2024-32114" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.

Known PoCs on GitHub (8)

CVE-2024-321148 repos
Threekiii/Awesome-POCJava
一个漏洞 PoC 知识库。A knowledge base for vulnerability PoCs(Proof of Concept), with 1k+ vulnerabilities.
★ 5,043·updated 1mo ago
GhostTroops/TOPShell
TOP All bugbounty pentesting CVE-2023- POC Exp RCE example payload Things
★ 731·updated today
Threekiii/CVEunknown
一个 CVE 漏洞预警知识库,无 exp/poc,部分包含修复方案。A knowledge base of CVE security vulnerability, no PoCs/exploits.
★ 170·updated 1w ago
Catherines77/ActiveMQ-EXPtoolsJava
Apache ActiveMQ漏洞综合利用工具(CVE-2015-5254,CVE-2016-3088,CVE-2022-41678,CVE-2023-46604,CVE-2024-32114,CVE-2026-34197,CVE-2026-40466, CVE-2026-42588)
★ 78·updated 2w ago
DarkFunct/TK-CVE-RepoPython
TK-CVE-Repo
★ 50·updated 2w ago
enomothem/PenTestNoteunknown
学而不思则罔,思而不学则殆💦
★ 47·updated 1y ago
J1ezds/Vulnerability-Wiki-pageHTML
这是一个每天同步Vulnerability-Wiki中docs-base中内容的项目
★ 14·updated 1mo ago
DEVSECURITYSPRO/CVE-2026-34197Python
CVE-2026-34197 - Apache ActiveMQ RCE via Jolokia Endpoint PoC
★ 4·updated 2mo ago
Articles on news mentioning CVE-2024-32114