¡¾Îó²îͨ¸æ¡¿Apache ActiveMQ NMS AMQP ·´ÐòÁл¯Îó²î(CVE-2025-54539)

Ðû²¼Ê±¼ä 2025-10-17

Ò»¡¢Îó²î¸ÅÊö


Îó²îÃû³Æ

Apache ActiveMQ NMS AMQP ·´ÐòÁл¯Îó²î

CVE   ID

CVE-2025-54539

Îó²îÀàÐÍ

·´ÐòÁл¯Îó²î

·¢Ã÷ʱ¼ä

2025-10-17

Îó²îÆÀ·Ö

9.8

Îó²îÆ·¼¶

ÑÏÖØ

¹¥»÷ÏòÁ¿

ÍøÂç

ËùÐèȨÏÞ

ÎÞ

ʹÓÃÄѶÈ

µÍ

Óû§½»»¥

ÐèÒª

PoC/EXP

δ¹ûÕæ

ÔÚҰʹÓÃ

δ·¢Ã÷


Apache ActiveMQÊÇÒ»¿îÓÉApacheÈí¼þ»ù½ð»á¿ª·¢µÄ¿ªÔ´ÐÂÎÅÖÐÐļþ £¬Ö§³ÖJMS¡¢AMQP¡¢MQTT¡¢STOMPµÈ¶àÖÖÐÂÎÅЭÒé¡£ËüÓÃÓÚ¹¹½¨¸ß¿É¿¿µÄÒì²½ÐÂÎÅת´ïϵͳ £¬ÊµÏÖÓ¦ÓüäµÄ½âñîÓëÒ첽ͨѶ £¬ÆÕ±éÓ¦ÓÃÓÚÆóÒµ¼¶ÐÂÎÅÐÐÁС¢ÂþÑÜʽϵͳÓë΢·þÎñ¼Ü¹¹ÖС£


2025Äê10ÔÂ17ÈÕ £¬×ðÁú¿­¹ÙÍøÈë¿Ú¼¯ÍÅVSRC¼à²âµ½Apache ActiveMQ NMS AMQP ClientµÄ·´ÐòÁл¯Îó²î £¬µ±Óë²»ÊÜÐÅÈÎAMQP·þÎñÆ÷½»»¥Ê± £¬¿Í»§¶ËµÄ¶þ½øÖÆ·´ÐòÁл¯¿É±»ÀÄÓà £¬¹¥»÷Õß¿ÉÄÜÖ´ÐÐí§Òâ´úÂë¡£ËäÔÚ2.1.0ÒýÈëallow/deny°×Ãûµ¥ÒÔÏÞÖÆ·´ÐòÁл¯ £¬µ«ÔÚijЩÌõ¼þÏ¿ɱ»Èƹý¡£Îó²îÆÀ·Ö9.8·Ö £¬Îó²î¼¶±ðÑÏÖØ¡£


¶þ¡¢Ó°Ïì¹æÄ£


Apache ActiveMQ NMS AMQP Client <= 2.3.0


Èý¡¢Çå¾²²½·¥


3.1 Éý¼¶°æ±¾


apache¹Ù·½ÒÑÐû²¼ÐÞ¸´²¹¶¡ £¬ÒÔÐÞ¸´¸ÃÎó²î¡£
Apache ActiveMQ NMS AMQP Client >= 2.4.0


ÏÂÔØÁ´½Ó£ºhttps://activemq.apache.org/


3.2 ÔÝʱ²½·¥


ÔÝÎÞ¡£


3.3 ͨÓý¨Òé


? °´ÆÚ¸üÐÂϵͳ²¹¶¡ £¬ïÔ̭ϵͳÎó²î £¬ÌáÉý·þÎñÆ÷µÄÇå¾²ÐÔ¡£
ÔöǿϵͳºÍÍøÂçµÄ»á¼û¿ØÖÆ £¬Ð޸ķÀ»ðǽսÂÔ £¬¹Ø±Õ·ÇÐëÒªµÄÓ¦Óö˿ڻò·þÎñ £¬ïÔÌ­½«Î£ÏÕ·þÎñ£¨ÈçSSH¡¢RDPµÈ£©Ì»Â¶µ½¹«Íø £¬ïÔÌ­¹¥»÷Ãæ¡£
ʹÓÃÆóÒµ¼¶Çå¾²²úÆ· £¬ÌáÉýÆóÒµµÄÍøÂçÇå¾²ÐÔÄÜ¡£
ÔöǿϵͳÓû§ºÍȨÏÞ¹ÜÀí £¬ÆôÓöàÒòËØÈÏÖ¤»úÖƺÍ×îСȨÏÞÔ­Ôò £¬Óû§ºÍÈí¼þȨÏÞÓ¦¼á³ÖÔÚ×îµÍÏ޶ȡ£
ÆôÓÃÇ¿ÃÜÂëÕ½ÂÔ²¢ÉèÖÃΪ°´ÆÚÐ޸ġ£


3.4 ²Î¿¼Á´½Ó


https://seclists.org/oss-sec/2025/q4/47/
https://lists.apache.org/thread/9k684j07ljrshy3hxwhj5m0xjmkz1g2n/
https://nvd.nist.gov/vuln/detail/CVE-2025-54539