RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binary hijacking (planting) attack and execute arbitrary code.
{ "cpes": [ "cpe:2.3:a:vmware:rabbitmq:*:*:*:*:*:*:*:*" ], "severity": "Medium" }