CVE-2023-50780

HIGH

Apache ActiveMQ Artemis < 2.29.0 - Authenticated Arbitrary File Write and Remote Code Execution via Log4J2 MBean

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-50780. PoCs published by mbadanoiu.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2023-50780, which involves dangerous MBeans accessible via the Jolokia API in Apache ActiveMQ Artemis. It outlines multiple attack vectors, including arbitrary file write/read and DoS, with references to PDF reports for exploitation details.

Description

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could eventually allow an authenticated attacker to write arbitrary files to the filesystem and indirectly achieve RCE. Users are recommended to upgrade to version 2.29.0 or later, which fixes the issue.

Exploits (1)

nomisec WRITEUP

by mbadanoiu · poc

https://github.com/mbadanoiu/CVE-2023-50780

View Code ZIP pw:eip

This repository provides a detailed technical analysis of CVE-2023-50780, which involves dangerous MBeans accessible via the Jolokia API in Apache ActiveMQ Artemis. It outlines multiple attack vectors, including arbitrary file write/read and DoS, with references to PDF reports for exploitation details.

Classification

Writeup 90%

Attack Type

Rce | Info Leak | Dos

Complexity

Moderate

Reliability

Theoretical

Target: Apache ActiveMQ Artemis

Auth required

Prerequisites: Valid credentials for user with 'admin' role · Access to Jolokia API endpoint

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Mailing List

http://www.openwall.com/lists/oss-security/2024/10/14/2

Issue Tracking, Mailing List, Vendor Advisory vendor-advisory

https://lists.apache.org/thread/63b78shqz312phsx7v1ryr7jv7bprg58

Scores

CVSS v3 8.8

EPSS 0.1654

EPSS Percentile 96.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-285

Status published

Products (3)

apache/activemq_artemis < 2.29.0

apache/artemis < 2.29.0

org.apache.activemq/artemis-cli 0 - 2.29.0Maven

Published Oct 14, 2024

Tracked Since Feb 18, 2026