CVE-2012-4446
qpid-cpp: qpid authentication bypass
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request.
La configuración por defecto de Apache Qpid v0.20 y anteriores, cuando el atributo federation_tag está activo, acepta conexiones AMQP sin comprobar el ID del usuario que lo manda, lo que permite a atacantes remotos evitar la autenticación y tener otras sin especificar a través de peticiones AMQP.
It was found that the Apache Qpid daemon (qpidd) treated AMQP connections with the federation_tag attribute set as a broker-to-broker connection, rather than a client-to-server connection. This resulted in the source user ID of messages not being checked. A client that can establish an AMQP connection with the broker could use this flaw to bypass intended authentication. For Condor users, if condor-aviary is installed, this flaw could be used to submit jobs that would run as any user (except root, as Condor does not run jobs as root).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-08-21 CVE Reserved
- 2013-03-07 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| https://issues.apache.org/jira/browse/QPID-4631 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2013-0561.html | 2013-03-19 | |
| http://rhn.redhat.com/errata/RHSA-2013-0562.html | 2013-03-19 | |
| http://secunia.com/advisories/52516 | 2013-03-19 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=851355 | 2013-03-06 | |
| https://access.redhat.com/security/cve/CVE-2012-4446 | 2013-03-06 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | <= 0.20 Search vendor "Apache" for product "Qpid" and version " <= 0.20" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.5 Search vendor "Apache" for product "Qpid" and version "0.5" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.6 Search vendor "Apache" for product "Qpid" and version "0.6" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.7 Search vendor "Apache" for product "Qpid" and version "0.7" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.8 Search vendor "Apache" for product "Qpid" and version "0.8" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.9 Search vendor "Apache" for product "Qpid" and version "0.9" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.10 Search vendor "Apache" for product "Qpid" and version "0.10" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.11 Search vendor "Apache" for product "Qpid" and version "0.11" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.12 Search vendor "Apache" for product "Qpid" and version "0.12" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.13 Search vendor "Apache" for product "Qpid" and version "0.13" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.14 Search vendor "Apache" for product "Qpid" and version "0.14" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.15 Search vendor "Apache" for product "Qpid" and version "0.15" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.16 Search vendor "Apache" for product "Qpid" and version "0.16" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.17 Search vendor "Apache" for product "Qpid" and version "0.17" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.18 Search vendor "Apache" for product "Qpid" and version "0.18" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Qpid Search vendor "Apache" for product "Qpid" | 0.19 Search vendor "Apache" for product "Qpid" and version "0.19" | - |
Affected
| ||||||