Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-1279

Опубликовано: 10 дек. 2018
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 3.3
CVSS3: 8.5

Описание

Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports on any server in the MQ cluster can use this cookie to gain full control over the entire cluster.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

not-affected

3.9.8-6
esm-infra/bionic

needs-triage

esm-infra/focal

needs-triage

esm-infra/xenial

needs-triage

focal

ignored

end of standard support, was needs-triage
impish

ignored

end of life
jammy

not-affected

3.9.8-6
kinetic

not-affected

3.9.8-6
lunar

not-affected

3.9.8-6

Показывать по

Ссылки на источники

EPSS

Процентиль: 55%
0.00324
Низкий

3.3 Low

CVSS2

8.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-1279

CVSS3: 6.5
redhat
около 7 лет назад

Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports on any server in the MQ cluster can use this cookie to gain full control over the entire cluster.

nvd логотип

CVE-2018-1279

CVSS3: 8.5
nvd
около 7 лет назад

Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports on any server in the MQ cluster can use this cookie to gain full control over the entire cluster.

debian логотип

CVE-2018-1279

CVSS3: 8.5
debian
около 7 лет назад

Pivotal RabbitMQ for PCF, all versions, uses a deterministically gener ...

github логотип

GHSA-f9rc-w362-jp2c

CVSS3: 6.5
github
больше 3 лет назад

Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports on any server in the MQ cluster can use this cookie to gain full control over the entire cluster.

EPSS

Процентиль: 55%
0.00324
Низкий

3.3 Low

CVSS2

8.5 High

CVSS3