APP: Apache OpenMeetings Cluster Mode Insecure Deserialization

This signature detects attempts to exploit a known vulnerability in Apache OpenMeetings. A successful attack can lead to arbitrary code execution.

Extended Description

Vendor: The Apache Software Foundation

Versions Affected: Apache OpenMeetings from 2.1.0 before 8.0.0

Description: The default clustering instructions at https://openmeetings.apache.org/Clustering.html do not specify white/black lists for OpenJPA, which leads to possible deserialisation of untrusted data. Users are recommended to upgrade to version 8.0.0 and update their startup scripts to include the relevant 'openjpa.serialization.class.blacklist' and 'openjpa.serialization.class.whitelist' configurations as shown in the documentation.

Affected Products

Apache openmeetings

Short Name: APP:REMOTE:OPEN-CL-MD-INSC-DES
Severity: Major
Recommended: False
Recommended Action: None
Category: APP
Keywords: Apache CVE-2024-54676 Cluster Deserialization Insecure Mode OpenMeetings
Release Date: 04/07/2025
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3797
Port: TCP/5636
False Positive: Rarely
Vendors

Apache
