GHSA-269m-695x-j34p

Source

https://github.com/advisories/GHSA-269m-695x-j34p

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-269m-695x-j34p/GHSA-269m-695x-j34p.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-269m-695x-j34p

Aliases

CVE-2017-15702

Published

2018-10-19T16:41:04Z

Modified

2024-12-03T05:56:23.482137Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Apache Qpid Broker vulnerable to authentication port spoofing

Details

Apache Qpid Broker-J versions 0.18 through 0.32 are vulnerable to authentication port spoofing. When the broker is configured with different authentication providers on different ports, one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP port into using an authentication provider that was configured on a different port. The attacker still needs valid credentials with the authentication provider on the spoofed port. This becomes an issue when the spoofed port has weaker authentication protection (e.g., anonymous access, default accounts) and is normally protected by firewall rules or similar which can be circumvented by this vulnerability. AMQP ports are not affected.

Database specific

{
    "nvd_published_at": "2017-12-01T15:29:00Z",
    "cwe_ids": [],
    "severity": "CRITICAL",
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T20:51:29Z"
}

References

Affected packages

Maven / org.apache.qpid:qpid-broker

Package

Name: org.apache.qpid:qpid-broker; View open source insights on deps.dev
Purl: pkg:maven/org.apache.qpid/qpid-broker

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0.18

Fixed

6.0.0

Affected versions

0.*

0.18

0.20

0.22

0.24

0.26

0.28

0.30

0.32

Database specific

{
    "last_known_affected_version_range": "<= 0.32"
}