DX NetOps and CVE-2023-46604 impacts for ActiveMQ
search cancel

DX NetOps and CVE-2023-46604 impacts for ActiveMQ

book

Article ID: 275664

calendar_today

Updated On:

Products

DX NetOps CA Performance Management - Usage and Administration

Issue/Introduction

DX NetOps Performance Management - CVE-2023-46604 Suspected Exploitation of Apache ActiveMQ

An RCE vulnerability has been identified in Apache ActiveMQ.

Is DX NetOps Performance Management affected by this?

Is DX NetOps affected by this?

Environment

All supported DX NetOps Performance Management Data Aggregator and Data Collector versions

Resolution

Only DX NetOps Performance Management Data Aggregator and Data Collector installations utilize Apache ActiveMQ.

All other DX NetOps components such as Spectrum, VNA, NFA, etc are not vulnerable. They do not use ActiveMQ.

DX NetOps 23.3.4 resolves this CVE by upgrading ActiveMQ. 

Broadcom suggests upgrading to the latest available GA release of NetOps for all components.

Additional Information

https://nvd.nist.gov/vuln/detail/CVE-2023-46604

https://activemq.apache.org/news/cve-2023-46604