Microsoft CVE-2023-36910: Microsoft Message Queuing Remote Code Execution Vulnerability

According to MS Documentation here:

The system is only vulnerable if the service Message Queuing is running and TCP port 1801 is listening on the machine.

Can you please adjust the Vuln Check in InsightVM to check this as well?


Our general approach is that we will flag up the existence of a vulnerability that needs to be patched or removed.

Microsofts own description of a mitigation visible in that link is “could reduce the severity of exploitation of a vulnerability”. This alligns with our view that a mitigation does not remove the vulnerability or the risk, but rather is a method of reducing your risk. Full remediation is always recommended by the vendor, and by Rapid7. Mitigations can be easily undone, leaving the system vulnerable again.

If you do not want to patch, and you are happy to accept the risk remaining, then I would recommend using an exception.