CVE-2017-4966
- Source
- https://cve.org/CVERecord?id=CVE-2017-4966
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-4966.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-4966
- Downstream
- Published
- 2017-06-13T06:29:00.503Z
- Modified
- 2026-03-10T14:29:43.061939Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. RabbitMQ management UI stores signed-in user credentials in a browser's local storage without expiration, making it possible to retrieve them using a chained attack.
- References
Affected packages
Git / github.com/rabbitmq/rabbitmq-server
Affected ranges
- Type
- GIT
- Repo
- https://github.com/rabbitmq/rabbitmq-server
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "3.4.0" }, { "introduced": "0" }, { "last_affected": "3.4.1" }, { "introduced": "0" }, { "last_affected": "3.4.2" }, { "introduced": "0" }, { "last_affected": "3.4.3" }, { "introduced": "0" }, { "last_affected": "3.4.4" }, { "introduced": "0" }, { "last_affected": "3.5.0" }, { "introduced": "0" }, { "last_affected": "3.5.1" }, { "introduced": "0" }, { "last_affected": "3.5.2" }, { "introduced": "0" }, { "last_affected": "3.5.3" }, { "introduced": "0" }, { "last_affected": "3.5.6" }, { "introduced": "0" }, { "last_affected": "3.6.7" }, { "introduced": "0" }, { "last_affected": "3.5.4" }, { "introduced": "0" }, { "last_affected": "3.5.5" }, { "introduced": "0" }, { "last_affected": "3.5.7" }, { "introduced": "0" }, { "last_affected": "3.6.0" }, { "introduced": "0" }, { "last_affected": "3.6.1" }, { "introduced": "0" }, { "last_affected": "3.6.2" }, { "introduced": "0" }, { "last_affected": "3.6.3" }, { "introduced": "0" }, { "last_affected": "3.6.4" }, { "introduced": "0" }, { "last_affected": "3.6.5" }, { "introduced": "0" }, { "last_affected": "3.6.6" }, { "introduced": "0" }, { "last_affected": "1.5.0" }, { "introduced": "0" }, { "last_affected": "1.5.1" }, { "introduced": "0" }, { "last_affected": "1.5.2" }, { "introduced": "0" }, { "last_affected": "1.5.3" }, { "introduced": "0" }, { "last_affected": "1.5.4" }, { "introduced": "0" }, { "last_affected": "1.5.5" }, { "introduced": "0" }, { "last_affected": "1.6.0" }, { "introduced": "0" }, { "last_affected": "1.7.0" }, { "introduced": "0" }, { "last_affected": "1.7.2" } ] }
Affected versions
Other
6547461e6c2e
Aman-06-09-08
Aman-06-09-08_2
rabbitmq_v1_4_0
rabbitmq_v1_5_0
rabbitmq_v1_5_1
rabbitmq_v1_5_2
rabbitmq_v1_5_3
rabbitmq_v1_5_4
rabbitmq_v1_5_5
rabbitmq_v1_6_0
rabbitmq_v1_7_0
rabbitmq_v1_7_1
rabbitmq_v1_7_2
rabbitmq_v1_8_0
rabbitmq_v1_8_1
rabbitmq_v2_0_0
rabbitmq_v2_1_0
rabbitmq_v2_1_1
rabbitmq_v2_2_0
rabbitmq_v2_3_0
rabbitmq_v2_3_1
rabbitmq_v2_4_0
rabbitmq_v2_4_1
rabbitmq_v2_5_0
rabbitmq_v2_5_1
rabbitmq_v2_6_0
rabbitmq_v2_6_1
rabbitmq_v2_7_0
rabbitmq_v2_7_1
rabbitmq_v2_8_0
rabbitmq_v2_8_1
rabbitmq_v2_8_2
rabbitmq_v3_0_0
rabbitmq_v3_0_1
rabbitmq_v3_0_2
rabbitmq_v3_0_3
rabbitmq_v3_0_4
rabbitmq_v3_1_0
rabbitmq_v3_1_1
rabbitmq_v3_1_2
rabbitmq_v3_1_3
rabbitmq_v3_1_4
rabbitmq_v3_1_5
rabbitmq_v3_2_0
rabbitmq_v3_2_1
rabbitmq_v3_2_2
rabbitmq_v3_2_3
rabbitmq_v3_2_4
rabbitmq_v3_3_0
rabbitmq_v3_3_1
rabbitmq_v3_3_2
rabbitmq_v3_3_3
rabbitmq_v3_3_4
rabbitmq_v3_3_5
rabbitmq_v3_4_0
rabbitmq_v2.*
rabbitmq_v2.6.0
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.5.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.5.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.5.8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.5.9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.5.10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.5.11"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.5.12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.5.13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.5.14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.5.15"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.5.17"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.5.18"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.5.19"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.15"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.16"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.7.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.7.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.7.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.7.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.7.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.7.8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.7.9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.7.10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.7.13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.7.14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-4966.json"