Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rabbitmq vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2019-19340
A flaw was found in Ansible Tower, versions 3.6.x prior to 3.6.2 and 3.5.x prior to 3.5.3, where enabling RabbitMQ manager by setting it with '-e rabbitmq_enable_manager=true' exposes the RabbitMQ management interface publicly, as expected. If the default admin user is ...
Redhat Ansible Tower
Redhat Enterprise Linux 7.0
NA
CVE-2023-40256
A vulnerability exists in Veritas NetBackup Snapshot Manager prior to 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this i...
Veritas Netbackup Snapshot Manager 9.1
Veritas Netbackup Snapshot Manager 9.1.0.1
Veritas Netbackup Snapshot Manager 10.0
Veritas Netbackup Snapshot Manager 10.0.0.1
Veritas Netbackup Snapshot Manager 10.1
Veritas Netbackup Snapshot Manager 10.1.1
Veritas Netbackup Snapshot Manager 10.2
Veritas Netbackup Snapshot Manager 9.0
Veritas Netbackup Snapshot Manager
7.5
CVSSv2
CVE-2019-9546
SolarWinds Orion Platform prior to 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service.
Solarwinds Orion Platform 2018.4
Solarwinds Orion Platform
NA
CVE-2023-26512
CWE-502 Deserialization of Untrusted Data at the rabbitmq-connector plugin module in Apache EventMesh (incubating) V1.7.0\V1.8.0 on windows\linux\mac os e.g. platforms allows malicious users to send controlled message and remote code execute via rabbitmq messages. Users can use t...
Apache Eventmesh
4.3
CVSSv2
CVE-2015-6858
HP Insight Control server provisioning prior to 7.5.0 RabbitMQ allows remote malicious users to obtain sensitive information via unspecified vectors.
Hp Insight Management
2.1
CVSSv2
CVE-2013-1069
Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file.
Ubuntu Metal As A Service 1.2
Ubuntu Metal As A Service 1.4
4.6
CVSSv2
CVE-2021-35227
The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available.
Solarwinds Access Rights Manager
NA
CVE-2024-25650
Insecure key exchange between Delinea PAM Secret Server 11.4 and the Distributed Engine 8.4.3 allows a PAM administrator to obtain the Symmetric Key (used to encrypt RabbitMQ messages) via crafted payloads to the /pre-authenticate, /authenticate, and /execute-and-respond REST API...
NA
CVE-2023-24568
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replacing CA signed certificates.
Dell Networker
Dell Networker 19.7.1
Dell Networker 19.8.0.0
NA
CVE-2023-40058
Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment.
Solarwinds Access Rights Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »