Solved
Is FME Server / Flow vulnerable for Apache ActiveMQ CVE-2023-46604 https://www.cve.org/CVERecord?id=CVE-2023-46604
Is FME Server / Flow vulnerable for Apache ActiveMQ CVE-2023-46604
https://www.cve.org/CVERecord?id=CVE-2023-46604
Best answer by keziaatsafe
According to our assessment, we believe that the only component in FME Form and FME Flow possibly affected by this vulnerability is the JMSSender/Receiver (Form) & JMS Subscriber/Publisher (Flow). We do not expect your workspaces or automation workflows to be affected if you’re not using either of these transformers.
That being said, Apache ActiveMQ will be upgraded to a non-vulnerable version for the 2023.2 and 2024.0+ releases. We will also backport the fix to a 2023.1.2 release.
This post is closed to further activity.
It may be a question with a best answer, an implemented idea, or just a post needing no comment.
If you have a follow-up or related question, please post a new question or idea.
If there is a genuine update to be made, please contact us and request that the post is reopened.
It may be a question with a best answer, an implemented idea, or just a post needing no comment.
If you have a follow-up or related question, please post a new question or idea.
If there is a genuine update to be made, please contact us and request that the post is reopened.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.