Описание
Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access restrictions on qpidd via unknown vectors, related to 0-10 connection handling.
It was discovered that the Qpid daemon (qpidd) did not restrict access to anonymous users when the ANONYMOUS mechanism was disallowed.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | qpid-cpp | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 | qpid-cpp | Will not fix | ||
| MRG for RHEL-5 v. 2 | qpid-cpp-mrg | Fixed | RHSA-2015:0662 | 09.03.2015 |
| MRG for RHEL-6 v.3 | python-qpid | Fixed | RHSA-2015:0707 | 19.03.2015 |
| MRG for RHEL-6 v.3 | qpid-cpp | Fixed | RHSA-2015:0707 | 19.03.2015 |
| MRG for RHEL-6 v.3 | qpid-qmf | Fixed | RHSA-2015:0707 | 19.03.2015 |
| MRG Messaging v.3 for RHEL-7 | libdb | Fixed | RHSA-2015:0708 | 19.03.2015 |
| MRG Messaging v.3 for RHEL-7 | python-qpid | Fixed | RHSA-2015:0708 | 19.03.2015 |
| MRG Messaging v.3 for RHEL-7 | qpid-cpp | Fixed | RHSA-2015:0708 | 19.03.2015 |
| MRG Messaging v.3 for RHEL-7 | qpid-qmf | Fixed | RHSA-2015:0708 | 19.03.2015 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.8 Medium
CVSS2
Связанные уязвимости
Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access restrictions on qpidd via unknown vectors, related to 0-10 connection handling.
Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access restrictions on qpidd via unknown vectors, related to 0-10 connection handling.
Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remot ...
Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access restrictions on qpidd via unknown vectors, related to 0-10 connection handling.
EPSS
5.8 Medium
CVSS2