Описание
PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service (broker termination) via a crafted authentication attempt, which triggers an uncaught exception.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Release Notes
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Release Notes
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Release Notes
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Release Notes
Уязвимые конфигурации
EPSS
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service (broker termination) via a crafted authentication attempt, which triggers an uncaught exception.
PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service (broker termination) via a crafted authentication attempt, which triggers an uncaught exception.
PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker ...
Improper Input Validation in org.apache.qpid:qpid-broker
EPSS
5.9 Medium
CVSS3
4.3 Medium
CVSS2