CVE-2018-1298
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called "Authentication Providers". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. The client chooses the most appropriate SASL mechanism for authentication. Authentication Providers of following types supports PLAIN SASL mechanism: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256, SCRAM-SHA-1. XOAUTH2 SASL mechanism is supported by Authentication Providers of type OAuth2. If an AMQP port is configured with any of these Authentication Providers, the Broker may be vulnerable.
Se ha encontrado una vulnerabilidad de denegación de servicio (DoS) en Apache Qpid Broker-J 7.0.0, en la funcionalidad para la autenticación de conexiones para los protocolos AMQP 0-8, 0-9, 0-91 y 0-10 cuando se emplean los mecanismos PLAIN o XOAUTH2 SASL. La vulnerabilidad permite que un atacante no autenticado cierre la instancia broker inesperadamente. Las conexiones AMQP 1.0 y HTTP no se han visto afectadas. La autenticación de conexiones AMQP entrantes en Apache Qpid Broker-J se realiza por medio de entidades especiales llamadas "Authentication Providers" (proveedores de autenticación). Cada Authentication Provider puede soportar varios mecanismos SASL, que se ofrecen a los clientes que se conectan como parte del proceso de negociación SASL. El cliente elige el mecanismo SASL más adecuado para la autenticación. Los Authentication Providers de los siguientes tipos soportan el mecanismo PLAIN SASL: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256 y SCRAM-SHA-1. El mecanismo XOAUTH2 SASL está soportado por los Authentication Providers de tipo OAuth2. Si un puerto AMQP está configurado con cualquiera de estos Authentication Providers, el broker podría ser vulnerable.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-12-07 CVE Reserved
- 2018-02-09 CVE Published
- 2024-09-16 CVE Updated
- 2024-10-22 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1%40%3Cusers.qpid.apache.org%3E | Mailing List |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Apache Search vendor "Apache" | Qpid Broker-j Search vendor "Apache" for product "Qpid Broker-j" | 7.0.0 Search vendor "Apache" for product "Qpid Broker-j" and version "7.0.0" | - |
Affected
|