Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rabbitmq vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2019-19340
A flaw was found in Ansible Tower, versions 3.6.x prior to 3.6.2 and 3.5.x prior to 3.5.3, where enabling RabbitMQ manager by setting it with '-e rabbitmq_enable_manager=true' exposes the RabbitMQ management interface publicly, as expected. If the default admin user is ...
Redhat Ansible Tower
Redhat Enterprise Linux 7.0
9.8
CVSSv3
CVE-2023-40256
A vulnerability exists in Veritas NetBackup Snapshot Manager prior to 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this i...
Veritas Netbackup Snapshot Manager 9.1
Veritas Netbackup Snapshot Manager 9.1.0.1
Veritas Netbackup Snapshot Manager 10.0
Veritas Netbackup Snapshot Manager 10.0.0.1
Veritas Netbackup Snapshot Manager 10.1
Veritas Netbackup Snapshot Manager 10.1.1
Veritas Netbackup Snapshot Manager 10.2
Veritas Netbackup Snapshot Manager 9.0
Veritas Netbackup Snapshot Manager
9.8
CVSSv3
CVE-2019-9546
SolarWinds Orion Platform prior to 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service.
Solarwinds Orion Platform 2018.4
Solarwinds Orion Platform
9.8
CVSSv3
CVE-2023-26512
CWE-502 Deserialization of Untrusted Data at the rabbitmq-connector plugin module in Apache EventMesh (incubating) V1.7.0\V1.8.0 on windows\linux\mac os e.g. platforms allows malicious users to send controlled message and remote code execute via rabbitmq messages. Users can use t...
Apache Eventmesh
3.7
CVSSv3
CVE-2015-6858
HP Insight Control server provisioning prior to 7.5.0 RabbitMQ allows remote malicious users to obtain sensitive information via unspecified vectors.
Hp Insight Management
NA
CVE-2013-1069
Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file.
Ubuntu Metal As A Service 1.2
Ubuntu Metal As A Service 1.4
8.6
CVSSv3
CVE-2024-23473
The SolarWinds Access Rights Manager was found to contain a hard-coded credential authentication bypass vulnerability. If exploited, this vulnerability allows access to the RabbitMQ management console. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in ...
7.8
CVSSv3
CVE-2021-35227
The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available.
Solarwinds Access Rights Manager
NA
CVE-2024-25650
Insecure key exchange between Delinea PAM Secret Server 11.4 and the Distributed Engine 8.4.3 allows a PAM administrator to obtain the Symmetric Key (used to encrypt RabbitMQ messages) via crafted payloads to the /pre-authenticate, /authenticate, and /execute-and-respond REST API...
4.3
CVSSv3
CVE-2023-24568
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replacing CA signed certificates.
Dell Networker
Dell Networker 19.7.1
Dell Networker 19.8.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »