A critical vulnerability in Apache ActiveMQ (CVE-2024-32114) has been actively exploited, allowing attackers to access message brokers without authentication. Linux administrators running ActiveMQ services should take immediate steps to secure their systems and prevent potential data exposure or service disruption.
This flaw affects ActiveMQ versions 6.x prior to 6.1.2. On Linux servers, the default configuration of the Jolokia JMX REST API and the Message REST API can expose the broker to unauthenticated access. Attackers can produce or consume messages, delete queues, or manipulate destinations, potentially leading to service interruptions or leakage of sensitive data.
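To triage a fleet against the affected range given above (6.x prior to 6.1.2), the following added example, which is not code from the advisory or from the ActiveMQ project, classifies version strings from an inventory. The function names, the `host version` input format, the hostnames and the status labels are assumptions made for illustration; how the version string is collected from each server is left to your own tooling.

```shell
#!/bin/sh
# Added example. Affected range taken from the advisory text: 6.x prior to 6.1.2.

# Print affected | not-in-range | unknown for one version string.
amq_status() {
    raw=$1
    ver=${raw%%-*}                 # numeric part, qualifier (-SNAPSHOT, -RC1) removed
    case $ver in
        ''|*[!0-9.]*|.*|*.|*..*) echo unknown; return 0 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $ver                    # split on dots into $1 $2 $3
    IFS=$old_ifs
    major=$1; minor=${2:-0}; patch=${3:-0}
    if [ "$major" -ne 6 ]; then
        echo not-in-range          # the advisory text names only the 6.x line
    elif [ "$minor" -lt 1 ] || { [ "$minor" -eq 1 ] && [ "$patch" -lt 2 ]; }; then
        echo affected              # integer compare, so 6.1.10 is not read as < 6.1.2
    elif [ "$minor" -eq 1 ] && [ "$patch" -eq 2 ] && [ "$raw" != "$ver" ]; then
        echo unknown               # pre-release build of 6.1.2: check by hand
    else
        echo not-in-range
    fi
}

# Read "host version" lines on stdin, print "host version status".
amq_triage() {
    while read -r host version _; do
        case $host in ''|'#'*) continue ;; esac
        printf '%s %s %s\n' "$host" "$version" "$(amq_status "$version")"
    done
}

# Constructed inventory (hostnames and versions are sample values).
sample_inventory() {
    cat <<'EOF'
# host version
mq-a 6.0.0
mq-b 6.1.1
mq-c 6.1.2
mq-d 6.1.10
mq-e 5.18.3
mq-f 6.1.2-SNAPSHOT
mq-g not-installed
EOF
}

sample_inventory | amq_triage
```

Hosts reported as `unknown` need a manual check, since an unparseable string or a pre-release build says nothing reliable about whether the fix is present.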