Описание
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging.
Ссылки
- Vendor Advisory
- http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.htmlThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Issue TrackingVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.htmlThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Issue TrackingVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
EPSS
9.1 Critical
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging.
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging.
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid J ...
AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication
EPSS
9.1 Critical
CVSS3
5 Medium
CVSS2