Apache ActiveMQ vulnerability CVE-2023-46604 affects the Symantec DLP Network Discover solution using Grid deployments only.
This can affect all in-service DLP versions (15.8, 16.0, 16.0.1).
Hotfixes have been released for all 3 DLP branches, per the Advisory on this topic:
Symantec Data Loss Prevention Hot Fix Available That Resolves an ActiveMQ 5.14.4 Vulnerability
Please download and install the hotfix available for your release.
Mitigation and workaround for those who cannot apply the hotfixes immediately.
Please note that this vulnerability can only be exploited if both of the following are true:
Additionally: Discover Clusters do not use ActiveMQ.
Workaround to mitigate if published Hotfix is not being applied: