RabbitMQ could allow unintended access to network services.
It was discovered that RabbitMQ incorrectly handled MQTT (MQ Telemetry Transport) authentication. A remote attacker could use this issue to authenticate successfully with an existing username by omitting the password.
31 July 2017
A security issue affects these releases of Ubuntu and its derivatives:
RabbitMQ could allow unintended access to network services.
It was discovered that RabbitMQ incorrectly handled MQTT (MQ Telemetry Transport) authentication. A remote attacker could use this issue to authenticate successfully with an existing username by omitting the password.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.