Intrusion PreventionApache.ActiveMQ.CVE-2026-34197.Code.Injection
Description
This indicates an attack attempt to exploit a Code Injection vulnerability in Apache ActiveMQ.
The vulnerability is due to improper input validation in the vulnerable application. An authenticated attacker could exploit this vulnerability by sending a maliciously crafted request to the target server. Successful exploitation enables the attacker to execute arbitrary code within the security context of the application.
Affected Products
Apache ActiveMQ Broker before 5.19.4
Apache ActiveMQ Broker 6.0.0 before 6.2.3
Apache ActiveMQ before 5.19.4
Apache ActiveMQ 6.0.0 before 6.2.3
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://activemq.apache.org/security-advisories.data/CVE-2026-34197-announcement.txt
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Status | Detail |
|---|---|---|---|
| 2026-04-14 | 36.201 |
New
|
| ID | 60672 |
| Created | Apr 13, 2026 |
| Updated | Apr 14, 2026 |
| CVE ID | |
| Risk |
|
| Known Exploited | Yes |
| Exploit Prediction Score | 6.22% |
| Default Action | pass |
| Active | |
| Affected OS | All |
| Affected App | Apache |
| Profile Type | Code Injection |