Описание
RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | windows installers only |
| devel | not-affected | windows installers only |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | windows installers only |
| esm-infra/focal | not-affected | windows installers only |
| esm-infra/xenial | not-affected | windows installers only |
| focal | not-affected | windows installers only |
| groovy | not-affected | windows installers only |
| hirsute | not-affected | windows installers only |
| precise/esm | DNE |
Показывать по
EPSS
4.6 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins.
RabbitMQ installers on Windows prior to version 3.8.16 do not harden p ...
RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins.
Уязвимость установщика брокера сообщений RabbitMQ операционных систем Windows, позволяющая нарушителю выполнить произвольный код
EPSS
4.6 Medium
CVSS2
7.8 High
CVSS3