CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15702
https://notcve.org/view.php?id=CVE-2017-15702
In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured with different authentication providers on different ports one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP port into using an authentication provider that was configured on a different port. The attacker still needs valid credentials with the authentication provider on the spoofed port. This becomes an issue when the spoofed port has weaker authentication protection (e.g., anonymous access, default accounts) and is normally protected by firewall rules or similar which can be circumvented by this vulnerability. AMQP ports are not affected. Versions 6.0.0 and newer are not affected. • http://www.securityfocus.com/bid/102040 https://issues.apache.org/jira/browse/QPID-8039 https://lists.apache.org/thread.html/59d241e30db23b8b0af26bb273f789aa1f08515d3dc1a3868d3ba090%40%3Cdev.qpid.apache.org%3E https://qpid.apache.org/cves/CVE-2017-15702.html •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4432
https://notcve.org/view.php?id=CVE-2016-4432
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging. La manipulación de conexión AMQP 0-8, 0-9, 0-91 y 0-10 en Apache Qpid Java en versiones anteriores a 6.0.3 podría permitir a atacantes remotos eludir la autenticación y consecuentemente realizar acciones a través de vectores relacionados con el registro de estado de conexión. • http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3CCAFEMS4tXDKYxKVMmU0zTb_7uzduoUS4_RePnUwz1tj%2BGQLNw5Q%40mail.gmail.com%3E http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html http://www.securityfocus.com/archive/1/538508/100/0/threaded http://www.securitytracker.com/id/1035983 https://issues.apache.org/jira/browse/QPID-7257 https://svn.apache.org/viewvc?view=revision&revision=1743161 https://svn.apache.org/viewvc?view=revision&revision= • CWE-287: Improper Authentication •
CVSS: 5.9EPSS: 1%CPEs: 1EXPL: 0CVE-2016-3094
https://notcve.org/view.php?id=CVE-2016-3094
PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service (broker termination) via a crafted authentication attempt, which triggers an uncaught exception. PlainSaslServer.java en Apache Qpid Java en versiones anteriores a 6.0.3, cuando el broker está configurado para permitir contraseñas en texto plano, permite a atacantes remotos provocar una denegación de servicio (terminación del broker) a través de un intento de autenticación manipulado, lo que desencadena una excepción no capturada. • http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3C5748641A.2050701%40gmail.com%3E http://packetstormsecurity.com/files/137215/Apache-Qpid-Java-Broker-6.0.2-Denial-Of-Service.html http://qpid.apache.org/releases/qpid-java-6.0.3/release-notes.html http://www.securityfocus.com/archive/1/538507/100/0/threaded http://www.securitytracker.com/id/1035982 https://issues.apache.org/jira/browse/QPID-7271 https://svn.apache.org/viewvc?view=revision&revision=1744403 • CWE-20: Improper Input Validation CWE-287: Improper Authentication •