You can track accessible MSMQ servers on our Dashboard here. We do not perform any intrusive checks on a discovered service.Īs of, we identify 403K accessible MSMQ services. We scan by sending a request to establish an MSMQ connection. Please note we do not test for the actual vulnerabilities mentioned, we simply check for the exposure of the MSMQ service. These vulnerabilities were patched by Microsoft on the 11th April 2023.įor more details on the background of QueueJumper please read the Checkpoint publication. This includes CVE-2023-21554 (QueueJumper), an unauthenticated remote code execution vulnerability. On April 11th 2023, Checkpoint published information about multiple vulnerabilities in the service on Windows which they named QUEUEJUMPER: CRITICAL UNAUTHENTICATED RCE VULNERABILITY IN MSMQ SERVICE. Message Queuing provides guaranteed message delivery, efficient routing, security, transaction support, and priority-based messaging. Message Queuing applications can use the Message Queuing infrastructure to communicate across heterogeneous networks and with computers that may be offline. This service may be optionally enabled on Windows operating systems, including Windows Server 2022 and Windows 11.Īccording to Microsoft, Microsoft Message Queuing is a message infrastructure and a development platform for creating distributed, loosely-coupled messaging applications for the Microsoft® Windows® operating system. This report identifies accessible Microsoft Message Queuing (MSMQ) servers on port 1801/TCP.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |