CVE-2016-8741

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256.

El Broker Qpid de Apache para Java puede ser configurado para usar diferentes llamados AuthenticationProviders para manejar la autenticación de usuarios. Entre las opciones se encuentran los tipos AuthenticationProviders SCRAM-SHA-1 y SCRAM-SHA-256. Se detectó que estos AuthenticationProvider en Broker Qpid de Apache para Java versiones 6.0.x anteriores a 6.0.6 y versiones 6.1.x anteriores a 6.1.1, terminan prematuramente la negociación SASL de SCRAM si el nombre de usuario proporcionado no permite a un atacante remoto determinar la existencia de cuentas de usuario. La vulnerabilidad no se aplica a AuthenticationProviders que no sean SCRAM-SHA-1 y SCRAM-SHA-256.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2016-10-18 CVE Reserved
2016-12-28 CVE Published
2023-12-17 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CAPEC

References (4)

URL	Tag	Source
http://www.securityfocus.com/bid/95136	Broken Link
http://www.securitytracker.com/id/1037537	Broken Link
https://issues.apache.org/jira/browse/QPID-7599	Issue Tracking

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://qpid.2158936.n2.nabble.com/CVE-2016-8741-Apache-Qpid-Broker-for-Java-Information-Leakage-td7657025.html	2023-05-22

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Apache Search vendor "Apache"		Qpid Broker-j Search vendor "Apache" for product "Qpid Broker-j"				6.0.1 Search vendor "Apache" for product "Qpid Broker-j" and version "6.0.1"		-		Affected
Apache Search vendor "Apache"		Qpid Broker-j Search vendor "Apache" for product "Qpid Broker-j"				6.0.2 Search vendor "Apache" for product "Qpid Broker-j" and version "6.0.2"		-		Affected
Apache Search vendor "Apache"		Qpid Broker-j Search vendor "Apache" for product "Qpid Broker-j"				6.0.3 Search vendor "Apache" for product "Qpid Broker-j" and version "6.0.3"		-		Affected
Apache Search vendor "Apache"		Qpid Broker-j Search vendor "Apache" for product "Qpid Broker-j"				6.0.4 Search vendor "Apache" for product "Qpid Broker-j" and version "6.0.4"		-		Affected
Apache Search vendor "Apache"		Qpid Broker-j Search vendor "Apache" for product "Qpid Broker-j"				6.0.5 Search vendor "Apache" for product "Qpid Broker-j" and version "6.0.5"		-		Affected
Apache Search vendor "Apache"		Qpid Broker-j Search vendor "Apache" for product "Qpid Broker-j"				6.1.0 Search vendor "Apache" for product "Qpid Broker-j" and version "6.1.0"		-		Affected