CVE-2019-11287
RabbitMQ Web Management Plugin DoS via heap overflow
Descriptions
Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing.
A resource-consumption flaw was identified in the rabbitmq-server web management plugin. Utilizing a malicious 'X-Reason' HTTP header, a remote attacker could insert a malicious Erlang format string which will expand and consume heap memory, resulting in a crash. The highest threat from this vulnerability is system availability.
Timeline
- 2019-04-18 CVE Reserved
- 2019-11-22 CVE Published
- 2024-03-17 EPSS Updated
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-134: Use of Externally-Controlled Format String
- CWE-400: Uncontrolled Resource Consumption
References (8)
URL | Tag / Date | Source |
---|---|---|
https://lists.debian.org/debian-lts-announce/2021/07/msg00011.html | Mailing List | |
https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-11287-DoS%20via%20Heap%20Overflow-RabbitMQ%20Web%20Management%20Plugin | 2024-09-16 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Pivotal Software | Rabbitmq | >= 1.16.0 < 1.16.7 | pivotal_cloud_foundry | Affected |
Pivotal Software | Rabbitmq | >= 1.17.0 < 1.17.4 | pivotal_cloud_foundry | Affected |
Pivotal Software | Rabbitmq | >= 3.7.0 < 3.7.21 | - | Affected |
Vmware | Rabbitmq | >= 3.8.0 < 3.8.1 | - | Affected |
Fedoraproject | Fedora | 30 | - | Affected |
Fedoraproject | Fedora | 31 | - | Affected |
Redhat | Openstack | 15 | - | Affected |
Debian | Debian Linux | 9.0 | - | Affected |