Search criteria
24 vulnerabilities found for qpid_broker-j by apache
FKIE_CVE-2019-0200
Vulnerability from fkie_nvd - Published: 2019-03-06 18:29 - Updated: 2024-11-21 04:16
Severity ?
Summary
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, 0-91 and 0-10). Users of Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 utilizing AMQP protocols 0-8, 0-9, 0-91, 0-10 must upgrade to Qpid Broker-J versions 7.0.7 or 7.1.1 or later.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | qpid_broker-j | * | |
| apache | qpid_broker-j | 7.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:qpid_broker-j:*:*:*:*:*:*:*:*",
"matchCriteriaId": "397B8B45-EBE2-4052-BEDC-E03E2C371719",
"versionEndIncluding": "7.0.6",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:qpid_broker-j:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A221E2E5-B021-4DC0-8D07-7C58BF1F23FA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, 0-91 and 0-10). Users of Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 utilizing AMQP protocols 0-8, 0-9, 0-91, 0-10 must upgrade to Qpid Broker-J versions 7.0.7 or 7.1.1 or later."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en Apache Qpid Broker-J, desde la versi\u00f3n 6.0.0 hasta la 7.0.6 (inclusivas) y en la 7.10, que permite a un atacante no autenticado forzar el cierre de la instancia broker, enviando comandos especialmente manipulados mediante el protocolo AMQP en versiones anteriores a la 1.0 (AMQP 0-8, 0-9, 0-91 y 0-10). Los usuarios de Apache Qpid Broker-J, desde la versi\u00f3n 6.0.0 hasta la 7.0.6 (inclusivas) y en la 7.1.0, utilizando los protocolos AMQP 0-8, 0-9, 0-91, 0-10 deber\u00e1n actualizar a las versiones de Qpid Broker-J 7.0.7 o 7.1.1 y posteriores."
}
],
"id": "CVE-2019-0200",
"lastModified": "2024-11-21T04:16:28.357",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-06T18:29:00.247",
"references": [
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107215"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/ac79d48de37d42b64da50384dbe9c8a329c5f553dd12ef7c28a832de%40%3Cusers.qpid.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/ac79d48de37d42b64da50384dbe9c8a329c5f553dd12ef7c28a832de%40%3Cusers.qpid.apache.org%3E"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-8030
Vulnerability from fkie_nvd - Published: 2018-06-20 01:29 - Updated: 2024-11-21 04:13
Severity ?
Summary
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 are not affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | qpid_broker-j | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:qpid_broker-j:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C6D75B3-9568-4841-A36D-9946CB41C79B",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 are not affected."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en Apache Qpid Broker-J desde la versi\u00f3n 7.0.0 hasta la 7.0.4 cuando los protocolos AMQP 0-8, 0-9 o 0-91 se emplean para publicar mensajes con un tama\u00f1o mayor que el l\u00edmite de tama\u00f1o de mensaje m\u00e1ximo permitido (100 MB por defecto). El broker se cierre inesperadamente debido a este defecto. Los protocolos AMQP 0-10 y 1.0 no se han visto afectados."
}
],
"id": "CVE-2018-8030",
"lastModified": "2024-11-21T04:13:07.823",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-20T01:29:03.977",
"references": [
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041138"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/1089a4f351a1bdca0618199e53bceeec59a10bf4e3008018d6949876%40%3Cusers.qpid.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/1089a4f351a1bdca0618199e53bceeec59a10bf4e3008018d6949876%40%3Cusers.qpid.apache.org%3E"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-1298
Vulnerability from fkie_nvd - Published: 2018-02-09 14:29 - Updated: 2024-11-21 03:59
Severity ?
Summary
A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called "Authentication Providers". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. The client chooses the most appropriate SASL mechanism for authentication. Authentication Providers of following types supports PLAIN SASL mechanism: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256, SCRAM-SHA-1. XOAUTH2 SASL mechanism is supported by Authentication Providers of type OAuth2. If an AMQP port is configured with any of these Authentication Providers, the Broker may be vulnerable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | qpid_broker-j | 7.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:qpid_broker-j:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FBC66FE3-69F5-43AE-82C4-AF8B9816427A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called \"Authentication Providers\". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. The client chooses the most appropriate SASL mechanism for authentication. Authentication Providers of following types supports PLAIN SASL mechanism: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256, SCRAM-SHA-1. XOAUTH2 SASL mechanism is supported by Authentication Providers of type OAuth2. If an AMQP port is configured with any of these Authentication Providers, the Broker may be vulnerable."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en Apache Qpid Broker-J 7.0.0, en la funcionalidad para la autenticaci\u00f3n de conexiones para los protocolos AMQP 0-8, 0-9, 0-91 y 0-10 cuando se emplean los mecanismos PLAIN o XOAUTH2 SASL. La vulnerabilidad permite que un atacante no autenticado cierre la instancia broker inesperadamente. Las conexiones AMQP 1.0 y HTTP no se han visto afectadas. La autenticaci\u00f3n de conexiones AMQP entrantes en Apache Qpid Broker-J se realiza por medio de entidades especiales llamadas \"Authentication Providers\" (proveedores de autenticaci\u00f3n). Cada Authentication Provider puede soportar varios mecanismos SASL, que se ofrecen a los clientes que se conectan como parte del proceso de negociaci\u00f3n SASL. El cliente elige el mecanismo SASL m\u00e1s adecuado para la autenticaci\u00f3n. Los Authentication Providers de los siguientes tipos soportan el mecanismo PLAIN SASL: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256 y SCRAM-SHA-1. El mecanismo XOAUTH2 SASL est\u00e1 soportado por los Authentication Providers de tipo OAuth2. Si un puerto AMQP est\u00e1 configurado con cualquiera de estos Authentication Providers, el broker podr\u00eda ser vulnerable."
}
],
"id": "CVE-2018-1298",
"lastModified": "2024-11-21T03:59:34.293",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-09T14:29:00.353",
"references": [
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1%40%3Cusers.qpid.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1%40%3Cusers.qpid.apache.org%3E"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-15701
Vulnerability from fkie_nvd - Published: 2017-12-01 15:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected.
References
| URL | Tags | ||
|---|---|---|---|
| security@apache.org | http://www.securityfocus.com/bid/102041 | Third Party Advisory, VDB Entry | |
| security@apache.org | https://issues.apache.org/jira/browse/QPID-7947 | Issue Tracking, Vendor Advisory | |
| security@apache.org | https://lists.apache.org/thread.html/4054e1c90993f337eeea24a312841c0661653e673c0ff8e2cd9520fe%40%3Cdev.qpid.apache.org%3E | ||
| security@apache.org | https://qpid.apache.org/cves/CVE-2017-15701.html | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102041 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.apache.org/jira/browse/QPID-7947 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/4054e1c90993f337eeea24a312841c0661653e673c0ff8e2cd9520fe%40%3Cdev.qpid.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://qpid.apache.org/cves/CVE-2017-15701.html | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | qpid_broker-j | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:qpid_broker-j:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84271735-DF9D-4AAF-B123-88403028D2A4",
"versionEndIncluding": "6.1.4",
"versionStartIncluding": "6.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected."
},
{
"lang": "es",
"value": "En Apache Qpid Broker-J versiones 6.1.0 hasta 6.1.4 (inclusive), el broker no impone apropiadamente un tama\u00f1o m\u00e1ximo de trama en tramas AMQP versi\u00f3n 1.0. Un atacante remoto no autenticado podr\u00eda explotar esto para hacer que el broker agote toda la memoria disponible y finalmente termine. Los protocolos AMQP m\u00e1s antiguos no se ven afectados."
}
],
"id": "CVE-2017-15701",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-01T15:29:00.213",
"references": [
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102041"
},
{
"source": "security@apache.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/QPID-7947"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/4054e1c90993f337eeea24a312841c0661653e673c0ff8e2cd9520fe%40%3Cdev.qpid.apache.org%3E"
},
{
"source": "security@apache.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://qpid.apache.org/cves/CVE-2017-15701.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/QPID-7947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/4054e1c90993f337eeea24a312841c0661653e673c0ff8e2cd9520fe%40%3Cdev.qpid.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://qpid.apache.org/cves/CVE-2017-15701.html"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-15702
Vulnerability from fkie_nvd - Published: 2017-12-01 15:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured with different authentication providers on different ports one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP port into using an authentication provider that was configured on a different port. The attacker still needs valid credentials with the authentication provider on the spoofed port. This becomes an issue when the spoofed port has weaker authentication protection (e.g., anonymous access, default accounts) and is normally protected by firewall rules or similar which can be circumvented by this vulnerability. AMQP ports are not affected. Versions 6.0.0 and newer are not affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | qpid_broker-j | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:qpid_broker-j:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78C295BD-3BF5-44E3-B0A6-14A060C1042D",
"versionEndIncluding": "0.32",
"versionStartIncluding": "0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured with different authentication providers on different ports one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP port into using an authentication provider that was configured on a different port. The attacker still needs valid credentials with the authentication provider on the spoofed port. This becomes an issue when the spoofed port has weaker authentication protection (e.g., anonymous access, default accounts) and is normally protected by firewall rules or similar which can be circumvented by this vulnerability. AMQP ports are not affected. Versions 6.0.0 and newer are not affected."
},
{
"lang": "es",
"value": "En las versiones 0.18 a 0.32 de Broker-J de Apache Qpid, si el broker est\u00e1 configurado con diferentes proveedores de autenticaci\u00f3n en diferentes puertos (uno de ellos es un puerto HTTP), un atacante remoto no autenticado puede enga\u00f1ar al broker conect\u00e1ndose al puerto HTTP para que utilice un proveedor de autenticaci\u00f3n que se configur\u00f3 en un puerto diferente. El atacante a\u00fan necesitar\u00eda credenciales v\u00e1lidas con el proveedor de autenticaci\u00f3n en el puerto suplantado. Esto es un problema cuando el puerto suplantado tiene una protecci\u00f3n de autenticaci\u00f3n m\u00e1s d\u00e9bil (por ejemplo, acceso an\u00f3nimo, cuentas por defecto, etc.) y normalmente se protege con reglas de firewall o similares que pueden ser omitidos con esta vulnerabilidad. Los puertos AMQP no se ven afectados. Las versiones 6.0.0 y posteriores no se ven afectadas."
}
],
"id": "CVE-2017-15702",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-01T15:29:00.260",
"references": [
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102040"
},
{
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/QPID-8039"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/59d241e30db23b8b0af26bb273f789aa1f08515d3dc1a3868d3ba090%40%3Cdev.qpid.apache.org%3E"
},
{
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
],
"url": "https://qpid.apache.org/cves/CVE-2017-15702.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/QPID-8039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/59d241e30db23b8b0af26bb273f789aa1f08515d3dc1a3868d3ba090%40%3Cdev.qpid.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://qpid.apache.org/cves/CVE-2017-15702.html"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-8741
Vulnerability from fkie_nvd - Published: 2017-05-15 14:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256.
References
| URL | Tags | ||
|---|---|---|---|
| security@apache.org | http://qpid.2158936.n2.nabble.com/CVE-2016-8741-Apache-Qpid-Broker-for-Java-Information-Leakage-td7657025.html | Vendor Advisory | |
| security@apache.org | http://www.securityfocus.com/bid/95136 | Broken Link, Third Party Advisory, VDB Entry | |
| security@apache.org | http://www.securitytracker.com/id/1037537 | Broken Link, Third Party Advisory, VDB Entry | |
| security@apache.org | https://issues.apache.org/jira/browse/QPID-7599 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | http://qpid.2158936.n2.nabble.com/CVE-2016-8741-Apache-Qpid-Broker-for-Java-Information-Leakage-td7657025.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95136 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037537 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.apache.org/jira/browse/QPID-7599 | Issue Tracking |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | qpid_broker-j | 6.0.1 | |
| apache | qpid_broker-j | 6.0.2 | |
| apache | qpid_broker-j | 6.0.3 | |
| apache | qpid_broker-j | 6.0.4 | |
| apache | qpid_broker-j | 6.0.5 | |
| apache | qpid_broker-j | 6.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:qpid_broker-j:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55070278-AC9D-410C-89E4-4C28EC8CAAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:qpid_broker-j:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6DA6ED9D-1219-4403-BDB3-A31DD0E6EA81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:qpid_broker-j:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "49FDDDB5-C6B7-47D1-B77A-5AE62DA4BF92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:qpid_broker-j:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3FCAC788-0D15-47E5-AA36-6296D01AA35A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:qpid_broker-j:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D6037734-4A04-4EA4-A6AE-81202A5C8DE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:qpid_broker-j:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "072FDAFD-73BF-4174-91DF-C22A7A80033B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256."
},
{
"lang": "es",
"value": "El Broker Qpid de Apache para Java puede ser configurado para usar diferentes llamados AuthenticationProviders para manejar la autenticaci\u00f3n de usuarios. Entre las opciones se encuentran los tipos AuthenticationProviders SCRAM-SHA-1 y SCRAM-SHA-256. Se detect\u00f3 que estos AuthenticationProvider en Broker Qpid de Apache para Java versiones 6.0.x anteriores a 6.0.6 y versiones 6.1.x anteriores a 6.1.1, terminan prematuramente la negociaci\u00f3n SASL de SCRAM si el nombre de usuario proporcionado no permite a un atacante remoto determinar la existencia de cuentas de usuario. La vulnerabilidad no se aplica a AuthenticationProviders que no sean SCRAM-SHA-1 y SCRAM-SHA-256."
}
],
"id": "CVE-2016-8741",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-15T14:29:00.153",
"references": [
{
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
],
"url": "http://qpid.2158936.n2.nabble.com/CVE-2016-8741-Apache-Qpid-Broker-for-Java-Information-Leakage-td7657025.html"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95136"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037537"
},
{
"source": "security@apache.org",
"tags": [
"Issue Tracking"
],
"url": "https://issues.apache.org/jira/browse/QPID-7599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://qpid.2158936.n2.nabble.com/CVE-2016-8741-Apache-Qpid-Broker-for-Java-Information-Leakage-td7657025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037537"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://issues.apache.org/jira/browse/QPID-7599"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-4432
Vulnerability from fkie_nvd - Published: 2016-06-01 20:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | qpid_broker-j | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:qpid_broker-j:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEF0FE3D-D08E-48BD-BBFC-1F7E781BC3D5",
"versionEndExcluding": "6.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging."
},
{
"lang": "es",
"value": "La manipulaci\u00f3n de conexi\u00f3n AMQP 0-8, 0-9, 0-91 y 0-10 en Apache Qpid Java en versiones anteriores a 6.0.3 podr\u00eda permitir a atacantes remotos eludir la autenticaci\u00f3n y consecuentemente realizar acciones a trav\u00e9s de vectores relacionados con el registro de estado de conexi\u00f3n."
}
],
"id": "CVE-2016-4432",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-01T20:59:07.093",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3CCAFEMS4tXDKYxKVMmU0zTb_7uzduoUS4_RePnUwz1tj%2BGQLNw5Q%40mail.gmail.com%3E"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/538508/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035983"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/QPID-7257"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743161"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3CCAFEMS4tXDKYxKVMmU0zTb_7uzduoUS4_RePnUwz1tj%2BGQLNw5Q%40mail.gmail.com%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/538508/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/QPID-7257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743393"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-3094
Vulnerability from fkie_nvd - Published: 2016-06-01 20:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service (broker termination) via a crafted authentication attempt, which triggers an uncaught exception.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | qpid_broker-j | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:qpid_broker-j:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1998165C-0883-4A6B-82A2-FDB8B24C6DD2",
"versionEndIncluding": "6.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service (broker termination) via a crafted authentication attempt, which triggers an uncaught exception."
},
{
"lang": "es",
"value": "PlainSaslServer.java en Apache Qpid Java en versiones anteriores a 6.0.3, cuando el broker est\u00e1 configurado para permitir contrase\u00f1as en texto plano, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (terminaci\u00f3n del broker) a trav\u00e9s de un intento de autenticaci\u00f3n manipulado, lo que desencadena una excepci\u00f3n no capturada."
}
],
"id": "CVE-2016-3094",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-01T20:59:05.060",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3C5748641A.2050701%40gmail.com%3E"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/137215/Apache-Qpid-Java-Broker-6.0.2-Denial-Of-Service.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "http://qpid.apache.org/releases/qpid-java-6.0.3/release-notes.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/538507/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035982"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/QPID-7271"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1744403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3C5748641A.2050701%40gmail.com%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/137215/Apache-Qpid-Java-Broker-6.0.2-Denial-Of-Service.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://qpid.apache.org/releases/qpid-java-6.0.3/release-notes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/538507/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/QPID-7271"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1744403"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2019-0200 (GCVE-0-2019-0200)
Vulnerability from cvelistv5 – Published: 2019-03-06 18:00 – Updated: 2024-09-16 20:58
VLAI?
Summary
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, 0-91 and 0-10). Users of Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 utilizing AMQP protocols 0-8, 0-9, 0-91, 0-10 must upgrade to Qpid Broker-J versions 7.0.7 or 7.1.1 or later.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Qpid Broker-J |
Affected:
Apache Qpid Broker-J 6.0.0 to 7.0.6 (inclusive), 7.1.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:44:14.779Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[qpid-users] 20190301 [SECURITY] CVE-2019-0200: Apache Qpid Broker-J Denial of Service due to malformed AMQP 0-8 to 0-10 commands",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ac79d48de37d42b64da50384dbe9c8a329c5f553dd12ef7c28a832de%40%3Cusers.qpid.apache.org%3E"
},
{
"name": "107215",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107215"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Qpid Broker-J",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache Qpid Broker-J 6.0.0 to 7.0.6 (inclusive), 7.1.0"
}
]
}
],
"datePublic": "2019-03-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, 0-91 and 0-10). Users of Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 utilizing AMQP protocols 0-8, 0-9, 0-91, 0-10 must upgrade to Qpid Broker-J versions 7.0.7 or 7.1.1 or later."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-07T10:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[qpid-users] 20190301 [SECURITY] CVE-2019-0200: Apache Qpid Broker-J Denial of Service due to malformed AMQP 0-8 to 0-10 commands",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ac79d48de37d42b64da50384dbe9c8a329c5f553dd12ef7c28a832de%40%3Cusers.qpid.apache.org%3E"
},
{
"name": "107215",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107215"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-0200",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Qpid Broker-J",
"version": {
"version_data": [
{
"version_value": "Apache Qpid Broker-J 6.0.0 to 7.0.6 (inclusive), 7.1.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, 0-91 and 0-10). Users of Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 utilizing AMQP protocols 0-8, 0-9, 0-91, 0-10 must upgrade to Qpid Broker-J versions 7.0.7 or 7.1.1 or later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[qpid-users] 20190301 [SECURITY] CVE-2019-0200: Apache Qpid Broker-J Denial of Service due to malformed AMQP 0-8 to 0-10 commands",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ac79d48de37d42b64da50384dbe9c8a329c5f553dd12ef7c28a832de@%3Cusers.qpid.apache.org%3E"
},
{
"name": "107215",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107215"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2019-0200",
"datePublished": "2019-03-06T18:00:00Z",
"dateReserved": "2018-11-14T00:00:00",
"dateUpdated": "2024-09-16T20:58:31.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8030 (GCVE-0-2018-8030)
Vulnerability from cvelistv5 – Published: 2018-06-19 13:00 – Updated: 2024-09-16 19:41
VLAI?
Summary
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 are not affected.
Severity ?
No CVSS data available.
CWE
- Denial of Service Vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Qpid Broker-J |
Affected:
7.0.0, 7.0.1, 7.0.2, 7.0.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041138",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041138"
},
{
"name": "[qpid-users] 20180618 [SECURITY] [CVE-2018-8030] Apache Qpid Broker-J Denial of Service Vulnerability when AMQP 0-8...0-91 messages",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/1089a4f351a1bdca0618199e53bceeec59a10bf4e3008018d6949876%40%3Cusers.qpid.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Qpid Broker-J",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "7.0.0, 7.0.1, 7.0.2, 7.0.3"
}
]
}
],
"datePublic": "2018-06-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 are not affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "1041138",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041138"
},
{
"name": "[qpid-users] 20180618 [SECURITY] [CVE-2018-8030] Apache Qpid Broker-J Denial of Service Vulnerability when AMQP 0-8...0-91 messages",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/1089a4f351a1bdca0618199e53bceeec59a10bf4e3008018d6949876%40%3Cusers.qpid.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2018-06-18T00:00:00",
"ID": "CVE-2018-8030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Qpid Broker-J",
"version": {
"version_data": [
{
"version_value": "7.0.0, 7.0.1, 7.0.2, 7.0.3"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041138",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041138"
},
{
"name": "[qpid-users] 20180618 [SECURITY] [CVE-2018-8030] Apache Qpid Broker-J Denial of Service Vulnerability when AMQP 0-8...0-91 messages",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/1089a4f351a1bdca0618199e53bceeec59a10bf4e3008018d6949876@%3Cusers.qpid.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2018-8030",
"datePublished": "2018-06-19T13:00:00Z",
"dateReserved": "2018-03-09T00:00:00",
"dateUpdated": "2024-09-16T19:41:52.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1298 (GCVE-0-2018-1298)
Vulnerability from cvelistv5 – Published: 2018-02-09 14:00 – Updated: 2024-09-16 20:59
VLAI?
Summary
A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called "Authentication Providers". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. The client chooses the most appropriate SASL mechanism for authentication. Authentication Providers of following types supports PLAIN SASL mechanism: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256, SCRAM-SHA-1. XOAUTH2 SASL mechanism is supported by Authentication Providers of type OAuth2. If an AMQP port is configured with any of these Authentication Providers, the Broker may be vulnerable.
Severity ?
No CVSS data available.
CWE
- Denial of Service Vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Qpid Broker-J |
Affected:
7.0.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:37.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[users] 20180208 [SECURITY][CVE-2018-1298] Apache Qpid Broker-J Denial of Service Vulnerability with PLAIN and XOAUTH2 SASL mechanisms",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1%40%3Cusers.qpid.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Qpid Broker-J",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "7.0.0"
}
]
}
],
"datePublic": "2018-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called \"Authentication Providers\". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. The client chooses the most appropriate SASL mechanism for authentication. Authentication Providers of following types supports PLAIN SASL mechanism: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256, SCRAM-SHA-1. XOAUTH2 SASL mechanism is supported by Authentication Providers of type OAuth2. If an AMQP port is configured with any of these Authentication Providers, the Broker may be vulnerable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-09T13:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[users] 20180208 [SECURITY][CVE-2018-1298] Apache Qpid Broker-J Denial of Service Vulnerability with PLAIN and XOAUTH2 SASL mechanisms",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1%40%3Cusers.qpid.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2018-02-08T00:00:00",
"ID": "CVE-2018-1298",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Qpid Broker-J",
"version": {
"version_data": [
{
"version_value": "7.0.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called \"Authentication Providers\". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. The client chooses the most appropriate SASL mechanism for authentication. Authentication Providers of following types supports PLAIN SASL mechanism: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256, SCRAM-SHA-1. XOAUTH2 SASL mechanism is supported by Authentication Providers of type OAuth2. If an AMQP port is configured with any of these Authentication Providers, the Broker may be vulnerable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[users] 20180208 [SECURITY][CVE-2018-1298] Apache Qpid Broker-J Denial of Service Vulnerability with PLAIN and XOAUTH2 SASL mechanisms",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1@%3Cusers.qpid.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2018-1298",
"datePublished": "2018-02-09T14:00:00Z",
"dateReserved": "2017-12-07T00:00:00",
"dateUpdated": "2024-09-16T20:59:06.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15702 (GCVE-0-2017-15702)
Vulnerability from cvelistv5 – Published: 2017-12-01 15:00 – Updated: 2024-09-16 16:38
VLAI?
Summary
In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured with different authentication providers on different ports one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP port into using an authentication provider that was configured on a different port. The attacker still needs valid credentials with the authentication provider on the spoofed port. This becomes an issue when the spoofed port has weaker authentication protection (e.g., anonymous access, default accounts) and is normally protected by firewall rules or similar which can be circumvented by this vulnerability. AMQP ports are not affected. Versions 6.0.0 and newer are not affected.
Severity ?
No CVSS data available.
CWE
- Authentication vulnerability
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Qpid Broker-J |
Affected:
0.18 through 0.32
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:04:49.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/QPID-8039"
},
{
"name": "102040",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102040"
},
{
"name": "[dev] 20171130 [SECURITY] [CVE-2017-15702] Apache Qpid Broker-J Authentication Vulnerability on HTTP Ports",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/59d241e30db23b8b0af26bb273f789aa1f08515d3dc1a3868d3ba090%40%3Cdev.qpid.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://qpid.apache.org/cves/CVE-2017-15702.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Qpid Broker-J",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "0.18 through 0.32"
}
]
}
],
"datePublic": "2017-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured with different authentication providers on different ports one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP port into using an authentication provider that was configured on a different port. The attacker still needs valid credentials with the authentication provider on the spoofed port. This becomes an issue when the spoofed port has weaker authentication protection (e.g., anonymous access, default accounts) and is normally protected by firewall rules or similar which can be circumvented by this vulnerability. AMQP ports are not affected. Versions 6.0.0 and newer are not affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-06T10:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/jira/browse/QPID-8039"
},
{
"name": "102040",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102040"
},
{
"name": "[dev] 20171130 [SECURITY] [CVE-2017-15702] Apache Qpid Broker-J Authentication Vulnerability on HTTP Ports",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/59d241e30db23b8b0af26bb273f789aa1f08515d3dc1a3868d3ba090%40%3Cdev.qpid.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://qpid.apache.org/cves/CVE-2017-15702.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2017-11-30T00:00:00",
"ID": "CVE-2017-15702",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Qpid Broker-J",
"version": {
"version_data": [
{
"version_value": "0.18 through 0.32"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured with different authentication providers on different ports one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP port into using an authentication provider that was configured on a different port. The attacker still needs valid credentials with the authentication provider on the spoofed port. This becomes an issue when the spoofed port has weaker authentication protection (e.g., anonymous access, default accounts) and is normally protected by firewall rules or similar which can be circumvented by this vulnerability. AMQP ports are not affected. Versions 6.0.0 and newer are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://issues.apache.org/jira/browse/QPID-8039",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/QPID-8039"
},
{
"name": "102040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102040"
},
{
"name": "[dev] 20171130 [SECURITY] [CVE-2017-15702] Apache Qpid Broker-J Authentication Vulnerability on HTTP Ports",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/59d241e30db23b8b0af26bb273f789aa1f08515d3dc1a3868d3ba090@%3Cdev.qpid.apache.org%3E"
},
{
"name": "https://qpid.apache.org/cves/CVE-2017-15702.html",
"refsource": "CONFIRM",
"url": "https://qpid.apache.org/cves/CVE-2017-15702.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-15702",
"datePublished": "2017-12-01T15:00:00Z",
"dateReserved": "2017-10-21T00:00:00",
"dateUpdated": "2024-09-16T16:38:43.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15701 (GCVE-0-2017-15701)
Vulnerability from cvelistv5 – Published: 2017-12-01 15:00 – Updated: 2024-09-16 16:28
VLAI?
Summary
In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected.
Severity ?
No CVSS data available.
CWE
- Apache Qpid Broker-J Denial of Service Vulnerability
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Qpid Broker-J |
Affected:
6.1.0, 6.1.1, 6.1.2, 6.1.3, and 6.1.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:04:48.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/QPID-7947"
},
{
"name": "[dev] 20171130 [SECURITY] [CVE-2017-15701] Apache Qpid Broker-J Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/4054e1c90993f337eeea24a312841c0661653e673c0ff8e2cd9520fe%40%3Cdev.qpid.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://qpid.apache.org/cves/CVE-2017-15701.html"
},
{
"name": "102041",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Qpid Broker-J",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "6.1.0, 6.1.1, 6.1.2, 6.1.3, and 6.1.4"
}
]
}
],
"datePublic": "2017-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Apache Qpid Broker-J Denial of Service Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-20T19:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/jira/browse/QPID-7947"
},
{
"name": "[dev] 20171130 [SECURITY] [CVE-2017-15701] Apache Qpid Broker-J Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/4054e1c90993f337eeea24a312841c0661653e673c0ff8e2cd9520fe%40%3Cdev.qpid.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://qpid.apache.org/cves/CVE-2017-15701.html"
},
{
"name": "102041",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102041"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2017-11-30T00:00:00",
"ID": "CVE-2017-15701",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Qpid Broker-J",
"version": {
"version_data": [
{
"version_value": "6.1.0, 6.1.1, 6.1.2, 6.1.3, and 6.1.4"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Apache Qpid Broker-J Denial of Service Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://issues.apache.org/jira/browse/QPID-7947",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/QPID-7947"
},
{
"name": "[dev] 20171130 [SECURITY] [CVE-2017-15701] Apache Qpid Broker-J Denial of Service Vulnerability",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/4054e1c90993f337eeea24a312841c0661653e673c0ff8e2cd9520fe@%3Cdev.qpid.apache.org%3E"
},
{
"name": "https://qpid.apache.org/cves/CVE-2017-15701.html",
"refsource": "CONFIRM",
"url": "https://qpid.apache.org/cves/CVE-2017-15701.html"
},
{
"name": "102041",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102041"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-15701",
"datePublished": "2017-12-01T15:00:00Z",
"dateReserved": "2017-10-21T00:00:00",
"dateUpdated": "2024-09-16T16:28:48.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8741 (GCVE-0-2016-8741)
Vulnerability from cvelistv5 – Published: 2017-05-15 14:00 – Updated: 2024-08-06 02:34
VLAI?
Summary
The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256.
Severity ?
No CVSS data available.
CWE
- Information Leakage
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Qpid Broker-J |
Affected:
6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5
Affected: 6.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:34:59.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037537",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037537"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/QPID-7599"
},
{
"name": "95136",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95136"
},
{
"name": "[apache-qpid-users] 20161228 [CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://qpid.2158936.n2.nabble.com/CVE-2016-8741-Apache-Qpid-Broker-for-Java-Information-Leakage-td7657025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Qpid Broker-J",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5"
},
{
"status": "affected",
"version": "6.1.0"
}
]
}
],
"datePublic": "2016-12-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Leakage",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-26T09:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "1037537",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037537"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/jira/browse/QPID-7599"
},
{
"name": "95136",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95136"
},
{
"name": "[apache-qpid-users] 20161228 [CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://qpid.2158936.n2.nabble.com/CVE-2016-8741-Apache-Qpid-Broker-for-Java-Information-Leakage-td7657025.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2016-8741",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Qpid Broker-J",
"version": {
"version_data": [
{
"version_value": "6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5"
},
{
"version_value": "6.1.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037537",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037537"
},
{
"name": "https://issues.apache.org/jira/browse/QPID-7599",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/QPID-7599"
},
{
"name": "95136",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95136"
},
{
"name": "[apache-qpid-users] 20161228 [CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage",
"refsource": "MLIST",
"url": "http://qpid.2158936.n2.nabble.com/CVE-2016-8741-Apache-Qpid-Broker-for-Java-Information-Leakage-td7657025.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2016-8741",
"datePublished": "2017-05-15T14:00:00",
"dateReserved": "2016-10-18T00:00:00",
"dateUpdated": "2024-08-06T02:34:59.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4432 (GCVE-0-2016-4432)
Vulnerability from cvelistv5 – Published: 2016-06-01 20:00 – Updated: 2024-08-06 00:32
VLAI?
Summary
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:24.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/538508/100/0/threaded"
},
{
"name": "1035983",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035983"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743393"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html"
},
{
"name": "[qpid-users] 20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3CCAFEMS4tXDKYxKVMmU0zTb_7uzduoUS4_RePnUwz1tj%2BGQLNw5Q%40mail.gmail.com%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/QPID-7257"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/538508/100/0/threaded"
},
{
"name": "1035983",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035983"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743393"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html"
},
{
"name": "[qpid-users] 20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3CCAFEMS4tXDKYxKVMmU0zTb_7uzduoUS4_RePnUwz1tj%2BGQLNw5Q%40mail.gmail.com%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/jira/browse/QPID-7257"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-4432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/538508/100/0/threaded"
},
{
"name": "1035983",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035983"
},
{
"name": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743393",
"refsource": "CONFIRM",
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743393"
},
{
"name": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743161",
"refsource": "CONFIRM",
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743161"
},
{
"name": "http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html"
},
{
"name": "[qpid-users] 20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3CCAFEMS4tXDKYxKVMmU0zTb_7uzduoUS4_RePnUwz1tj%2BGQLNw5Q%40mail.gmail.com%3E"
},
{
"name": "https://issues.apache.org/jira/browse/QPID-7257",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/QPID-7257"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-4432",
"datePublished": "2016-06-01T20:00:00",
"dateReserved": "2016-05-02T00:00:00",
"dateUpdated": "2024-08-06T00:32:24.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3094 (GCVE-0-2016-3094)
Vulnerability from cvelistv5 – Published: 2016-06-01 20:00 – Updated: 2024-08-05 23:40
VLAI?
Summary
PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service (broker termination) via a crafted authentication attempt, which triggers an uncaught exception.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/QPID-7271"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1744403"
},
{
"name": "1035982",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035982"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/137215/Apache-Qpid-Java-Broker-6.0.2-Denial-Of-Service.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://qpid.apache.org/releases/qpid-java-6.0.3/release-notes.html"
},
{
"name": "20160527 [CVE-2016-3094] Apache Qpid Java Broker denial of service vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/538507/100/0/threaded"
},
{
"name": "[qpid-users] 20160527 [CVE-2016-3094] Apache Qpid Java Broker denial of service vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3C5748641A.2050701%40gmail.com%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service (broker termination) via a crafted authentication attempt, which triggers an uncaught exception."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/jira/browse/QPID-7271"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1744403"
},
{
"name": "1035982",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035982"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/137215/Apache-Qpid-Java-Broker-6.0.2-Denial-Of-Service.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://qpid.apache.org/releases/qpid-java-6.0.3/release-notes.html"
},
{
"name": "20160527 [CVE-2016-3094] Apache Qpid Java Broker denial of service vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/538507/100/0/threaded"
},
{
"name": "[qpid-users] 20160527 [CVE-2016-3094] Apache Qpid Java Broker denial of service vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3C5748641A.2050701%40gmail.com%3E"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-3094",
"datePublished": "2016-06-01T20:00:00",
"dateReserved": "2016-03-10T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0200 (GCVE-0-2019-0200)
Vulnerability from nvd – Published: 2019-03-06 18:00 – Updated: 2024-09-16 20:58
VLAI?
Summary
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, 0-91 and 0-10). Users of Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 utilizing AMQP protocols 0-8, 0-9, 0-91, 0-10 must upgrade to Qpid Broker-J versions 7.0.7 or 7.1.1 or later.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Qpid Broker-J |
Affected:
Apache Qpid Broker-J 6.0.0 to 7.0.6 (inclusive), 7.1.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:44:14.779Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[qpid-users] 20190301 [SECURITY] CVE-2019-0200: Apache Qpid Broker-J Denial of Service due to malformed AMQP 0-8 to 0-10 commands",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ac79d48de37d42b64da50384dbe9c8a329c5f553dd12ef7c28a832de%40%3Cusers.qpid.apache.org%3E"
},
{
"name": "107215",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107215"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Qpid Broker-J",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache Qpid Broker-J 6.0.0 to 7.0.6 (inclusive), 7.1.0"
}
]
}
],
"datePublic": "2019-03-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, 0-91 and 0-10). Users of Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 utilizing AMQP protocols 0-8, 0-9, 0-91, 0-10 must upgrade to Qpid Broker-J versions 7.0.7 or 7.1.1 or later."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-07T10:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[qpid-users] 20190301 [SECURITY] CVE-2019-0200: Apache Qpid Broker-J Denial of Service due to malformed AMQP 0-8 to 0-10 commands",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ac79d48de37d42b64da50384dbe9c8a329c5f553dd12ef7c28a832de%40%3Cusers.qpid.apache.org%3E"
},
{
"name": "107215",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107215"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-0200",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Qpid Broker-J",
"version": {
"version_data": [
{
"version_value": "Apache Qpid Broker-J 6.0.0 to 7.0.6 (inclusive), 7.1.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, 0-91 and 0-10). Users of Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 utilizing AMQP protocols 0-8, 0-9, 0-91, 0-10 must upgrade to Qpid Broker-J versions 7.0.7 or 7.1.1 or later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[qpid-users] 20190301 [SECURITY] CVE-2019-0200: Apache Qpid Broker-J Denial of Service due to malformed AMQP 0-8 to 0-10 commands",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ac79d48de37d42b64da50384dbe9c8a329c5f553dd12ef7c28a832de@%3Cusers.qpid.apache.org%3E"
},
{
"name": "107215",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107215"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2019-0200",
"datePublished": "2019-03-06T18:00:00Z",
"dateReserved": "2018-11-14T00:00:00",
"dateUpdated": "2024-09-16T20:58:31.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8030 (GCVE-0-2018-8030)
Vulnerability from nvd – Published: 2018-06-19 13:00 – Updated: 2024-09-16 19:41
VLAI?
Summary
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 are not affected.
Severity ?
No CVSS data available.
CWE
- Denial of Service Vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Qpid Broker-J |
Affected:
7.0.0, 7.0.1, 7.0.2, 7.0.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041138",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041138"
},
{
"name": "[qpid-users] 20180618 [SECURITY] [CVE-2018-8030] Apache Qpid Broker-J Denial of Service Vulnerability when AMQP 0-8...0-91 messages",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/1089a4f351a1bdca0618199e53bceeec59a10bf4e3008018d6949876%40%3Cusers.qpid.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Qpid Broker-J",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "7.0.0, 7.0.1, 7.0.2, 7.0.3"
}
]
}
],
"datePublic": "2018-06-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 are not affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "1041138",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041138"
},
{
"name": "[qpid-users] 20180618 [SECURITY] [CVE-2018-8030] Apache Qpid Broker-J Denial of Service Vulnerability when AMQP 0-8...0-91 messages",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/1089a4f351a1bdca0618199e53bceeec59a10bf4e3008018d6949876%40%3Cusers.qpid.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2018-06-18T00:00:00",
"ID": "CVE-2018-8030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Qpid Broker-J",
"version": {
"version_data": [
{
"version_value": "7.0.0, 7.0.1, 7.0.2, 7.0.3"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041138",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041138"
},
{
"name": "[qpid-users] 20180618 [SECURITY] [CVE-2018-8030] Apache Qpid Broker-J Denial of Service Vulnerability when AMQP 0-8...0-91 messages",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/1089a4f351a1bdca0618199e53bceeec59a10bf4e3008018d6949876@%3Cusers.qpid.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2018-8030",
"datePublished": "2018-06-19T13:00:00Z",
"dateReserved": "2018-03-09T00:00:00",
"dateUpdated": "2024-09-16T19:41:52.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1298 (GCVE-0-2018-1298)
Vulnerability from nvd – Published: 2018-02-09 14:00 – Updated: 2024-09-16 20:59
VLAI?
Summary
A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called "Authentication Providers". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. The client chooses the most appropriate SASL mechanism for authentication. Authentication Providers of following types supports PLAIN SASL mechanism: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256, SCRAM-SHA-1. XOAUTH2 SASL mechanism is supported by Authentication Providers of type OAuth2. If an AMQP port is configured with any of these Authentication Providers, the Broker may be vulnerable.
Severity ?
No CVSS data available.
CWE
- Denial of Service Vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Qpid Broker-J |
Affected:
7.0.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:37.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[users] 20180208 [SECURITY][CVE-2018-1298] Apache Qpid Broker-J Denial of Service Vulnerability with PLAIN and XOAUTH2 SASL mechanisms",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1%40%3Cusers.qpid.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Qpid Broker-J",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "7.0.0"
}
]
}
],
"datePublic": "2018-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called \"Authentication Providers\". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. The client chooses the most appropriate SASL mechanism for authentication. Authentication Providers of following types supports PLAIN SASL mechanism: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256, SCRAM-SHA-1. XOAUTH2 SASL mechanism is supported by Authentication Providers of type OAuth2. If an AMQP port is configured with any of these Authentication Providers, the Broker may be vulnerable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-09T13:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[users] 20180208 [SECURITY][CVE-2018-1298] Apache Qpid Broker-J Denial of Service Vulnerability with PLAIN and XOAUTH2 SASL mechanisms",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1%40%3Cusers.qpid.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2018-02-08T00:00:00",
"ID": "CVE-2018-1298",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Qpid Broker-J",
"version": {
"version_data": [
{
"version_value": "7.0.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called \"Authentication Providers\". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. The client chooses the most appropriate SASL mechanism for authentication. Authentication Providers of following types supports PLAIN SASL mechanism: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256, SCRAM-SHA-1. XOAUTH2 SASL mechanism is supported by Authentication Providers of type OAuth2. If an AMQP port is configured with any of these Authentication Providers, the Broker may be vulnerable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[users] 20180208 [SECURITY][CVE-2018-1298] Apache Qpid Broker-J Denial of Service Vulnerability with PLAIN and XOAUTH2 SASL mechanisms",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1@%3Cusers.qpid.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2018-1298",
"datePublished": "2018-02-09T14:00:00Z",
"dateReserved": "2017-12-07T00:00:00",
"dateUpdated": "2024-09-16T20:59:06.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15702 (GCVE-0-2017-15702)
Vulnerability from nvd – Published: 2017-12-01 15:00 – Updated: 2024-09-16 16:38
VLAI?
Summary
In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured with different authentication providers on different ports one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP port into using an authentication provider that was configured on a different port. The attacker still needs valid credentials with the authentication provider on the spoofed port. This becomes an issue when the spoofed port has weaker authentication protection (e.g., anonymous access, default accounts) and is normally protected by firewall rules or similar which can be circumvented by this vulnerability. AMQP ports are not affected. Versions 6.0.0 and newer are not affected.
Severity ?
No CVSS data available.
CWE
- Authentication vulnerability
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Qpid Broker-J |
Affected:
0.18 through 0.32
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:04:49.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/QPID-8039"
},
{
"name": "102040",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102040"
},
{
"name": "[dev] 20171130 [SECURITY] [CVE-2017-15702] Apache Qpid Broker-J Authentication Vulnerability on HTTP Ports",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/59d241e30db23b8b0af26bb273f789aa1f08515d3dc1a3868d3ba090%40%3Cdev.qpid.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://qpid.apache.org/cves/CVE-2017-15702.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Qpid Broker-J",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "0.18 through 0.32"
}
]
}
],
"datePublic": "2017-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured with different authentication providers on different ports one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP port into using an authentication provider that was configured on a different port. The attacker still needs valid credentials with the authentication provider on the spoofed port. This becomes an issue when the spoofed port has weaker authentication protection (e.g., anonymous access, default accounts) and is normally protected by firewall rules or similar which can be circumvented by this vulnerability. AMQP ports are not affected. Versions 6.0.0 and newer are not affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-06T10:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/jira/browse/QPID-8039"
},
{
"name": "102040",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102040"
},
{
"name": "[dev] 20171130 [SECURITY] [CVE-2017-15702] Apache Qpid Broker-J Authentication Vulnerability on HTTP Ports",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/59d241e30db23b8b0af26bb273f789aa1f08515d3dc1a3868d3ba090%40%3Cdev.qpid.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://qpid.apache.org/cves/CVE-2017-15702.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2017-11-30T00:00:00",
"ID": "CVE-2017-15702",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Qpid Broker-J",
"version": {
"version_data": [
{
"version_value": "0.18 through 0.32"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured with different authentication providers on different ports one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP port into using an authentication provider that was configured on a different port. The attacker still needs valid credentials with the authentication provider on the spoofed port. This becomes an issue when the spoofed port has weaker authentication protection (e.g., anonymous access, default accounts) and is normally protected by firewall rules or similar which can be circumvented by this vulnerability. AMQP ports are not affected. Versions 6.0.0 and newer are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://issues.apache.org/jira/browse/QPID-8039",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/QPID-8039"
},
{
"name": "102040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102040"
},
{
"name": "[dev] 20171130 [SECURITY] [CVE-2017-15702] Apache Qpid Broker-J Authentication Vulnerability on HTTP Ports",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/59d241e30db23b8b0af26bb273f789aa1f08515d3dc1a3868d3ba090@%3Cdev.qpid.apache.org%3E"
},
{
"name": "https://qpid.apache.org/cves/CVE-2017-15702.html",
"refsource": "CONFIRM",
"url": "https://qpid.apache.org/cves/CVE-2017-15702.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-15702",
"datePublished": "2017-12-01T15:00:00Z",
"dateReserved": "2017-10-21T00:00:00",
"dateUpdated": "2024-09-16T16:38:43.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15701 (GCVE-0-2017-15701)
Vulnerability from nvd – Published: 2017-12-01 15:00 – Updated: 2024-09-16 16:28
VLAI?
Summary
In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected.
Severity ?
No CVSS data available.
CWE
- Apache Qpid Broker-J Denial of Service Vulnerability
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Qpid Broker-J |
Affected:
6.1.0, 6.1.1, 6.1.2, 6.1.3, and 6.1.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:04:48.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/QPID-7947"
},
{
"name": "[dev] 20171130 [SECURITY] [CVE-2017-15701] Apache Qpid Broker-J Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/4054e1c90993f337eeea24a312841c0661653e673c0ff8e2cd9520fe%40%3Cdev.qpid.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://qpid.apache.org/cves/CVE-2017-15701.html"
},
{
"name": "102041",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Qpid Broker-J",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "6.1.0, 6.1.1, 6.1.2, 6.1.3, and 6.1.4"
}
]
}
],
"datePublic": "2017-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Apache Qpid Broker-J Denial of Service Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-20T19:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/jira/browse/QPID-7947"
},
{
"name": "[dev] 20171130 [SECURITY] [CVE-2017-15701] Apache Qpid Broker-J Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/4054e1c90993f337eeea24a312841c0661653e673c0ff8e2cd9520fe%40%3Cdev.qpid.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://qpid.apache.org/cves/CVE-2017-15701.html"
},
{
"name": "102041",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102041"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2017-11-30T00:00:00",
"ID": "CVE-2017-15701",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Qpid Broker-J",
"version": {
"version_data": [
{
"version_value": "6.1.0, 6.1.1, 6.1.2, 6.1.3, and 6.1.4"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Apache Qpid Broker-J Denial of Service Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://issues.apache.org/jira/browse/QPID-7947",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/QPID-7947"
},
{
"name": "[dev] 20171130 [SECURITY] [CVE-2017-15701] Apache Qpid Broker-J Denial of Service Vulnerability",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/4054e1c90993f337eeea24a312841c0661653e673c0ff8e2cd9520fe@%3Cdev.qpid.apache.org%3E"
},
{
"name": "https://qpid.apache.org/cves/CVE-2017-15701.html",
"refsource": "CONFIRM",
"url": "https://qpid.apache.org/cves/CVE-2017-15701.html"
},
{
"name": "102041",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102041"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-15701",
"datePublished": "2017-12-01T15:00:00Z",
"dateReserved": "2017-10-21T00:00:00",
"dateUpdated": "2024-09-16T16:28:48.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8741 (GCVE-0-2016-8741)
Vulnerability from nvd – Published: 2017-05-15 14:00 – Updated: 2024-08-06 02:34
VLAI?
Summary
The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256.
Severity ?
No CVSS data available.
CWE
- Information Leakage
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Qpid Broker-J |
Affected:
6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5
Affected: 6.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:34:59.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037537",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037537"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/QPID-7599"
},
{
"name": "95136",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95136"
},
{
"name": "[apache-qpid-users] 20161228 [CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://qpid.2158936.n2.nabble.com/CVE-2016-8741-Apache-Qpid-Broker-for-Java-Information-Leakage-td7657025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Qpid Broker-J",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5"
},
{
"status": "affected",
"version": "6.1.0"
}
]
}
],
"datePublic": "2016-12-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Leakage",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-26T09:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "1037537",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037537"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/jira/browse/QPID-7599"
},
{
"name": "95136",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95136"
},
{
"name": "[apache-qpid-users] 20161228 [CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://qpid.2158936.n2.nabble.com/CVE-2016-8741-Apache-Qpid-Broker-for-Java-Information-Leakage-td7657025.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2016-8741",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Qpid Broker-J",
"version": {
"version_data": [
{
"version_value": "6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5"
},
{
"version_value": "6.1.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037537",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037537"
},
{
"name": "https://issues.apache.org/jira/browse/QPID-7599",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/QPID-7599"
},
{
"name": "95136",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95136"
},
{
"name": "[apache-qpid-users] 20161228 [CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage",
"refsource": "MLIST",
"url": "http://qpid.2158936.n2.nabble.com/CVE-2016-8741-Apache-Qpid-Broker-for-Java-Information-Leakage-td7657025.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2016-8741",
"datePublished": "2017-05-15T14:00:00",
"dateReserved": "2016-10-18T00:00:00",
"dateUpdated": "2024-08-06T02:34:59.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4432 (GCVE-0-2016-4432)
Vulnerability from nvd – Published: 2016-06-01 20:00 – Updated: 2024-08-06 00:32
VLAI?
Summary
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:24.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/538508/100/0/threaded"
},
{
"name": "1035983",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035983"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743393"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html"
},
{
"name": "[qpid-users] 20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3CCAFEMS4tXDKYxKVMmU0zTb_7uzduoUS4_RePnUwz1tj%2BGQLNw5Q%40mail.gmail.com%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/QPID-7257"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/538508/100/0/threaded"
},
{
"name": "1035983",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035983"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743393"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html"
},
{
"name": "[qpid-users] 20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3CCAFEMS4tXDKYxKVMmU0zTb_7uzduoUS4_RePnUwz1tj%2BGQLNw5Q%40mail.gmail.com%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/jira/browse/QPID-7257"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-4432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/538508/100/0/threaded"
},
{
"name": "1035983",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035983"
},
{
"name": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743393",
"refsource": "CONFIRM",
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743393"
},
{
"name": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743161",
"refsource": "CONFIRM",
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1743161"
},
{
"name": "http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html"
},
{
"name": "[qpid-users] 20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3CCAFEMS4tXDKYxKVMmU0zTb_7uzduoUS4_RePnUwz1tj%2BGQLNw5Q%40mail.gmail.com%3E"
},
{
"name": "https://issues.apache.org/jira/browse/QPID-7257",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/QPID-7257"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-4432",
"datePublished": "2016-06-01T20:00:00",
"dateReserved": "2016-05-02T00:00:00",
"dateUpdated": "2024-08-06T00:32:24.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3094 (GCVE-0-2016-3094)
Vulnerability from nvd – Published: 2016-06-01 20:00 – Updated: 2024-08-05 23:40
VLAI?
Summary
PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service (broker termination) via a crafted authentication attempt, which triggers an uncaught exception.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/QPID-7271"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1744403"
},
{
"name": "1035982",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035982"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/137215/Apache-Qpid-Java-Broker-6.0.2-Denial-Of-Service.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://qpid.apache.org/releases/qpid-java-6.0.3/release-notes.html"
},
{
"name": "20160527 [CVE-2016-3094] Apache Qpid Java Broker denial of service vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/538507/100/0/threaded"
},
{
"name": "[qpid-users] 20160527 [CVE-2016-3094] Apache Qpid Java Broker denial of service vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3C5748641A.2050701%40gmail.com%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service (broker termination) via a crafted authentication attempt, which triggers an uncaught exception."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/jira/browse/QPID-7271"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1744403"
},
{
"name": "1035982",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035982"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/137215/Apache-Qpid-Java-Broker-6.0.2-Denial-Of-Service.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://qpid.apache.org/releases/qpid-java-6.0.3/release-notes.html"
},
{
"name": "20160527 [CVE-2016-3094] Apache Qpid Java Broker denial of service vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/538507/100/0/threaded"
},
{
"name": "[qpid-users] 20160527 [CVE-2016-3094] Apache Qpid Java Broker denial of service vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3C5748641A.2050701%40gmail.com%3E"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-3094",
"datePublished": "2016-06-01T20:00:00",
"dateReserved": "2016-03-10T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}