CVE-2021-22116

Published: 08/06/2021 Updated: 25/10/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

All RabbitMQ versions before 3.8.16 are prone to a denial-of-service vulnerability due to improper input validation in the AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to a target RabbitMQ instance that has the AMQP 1.0 plugin enabled.

Vulnerable Product

vmware rabbitmq

debian debian linux 9.0

Vendor Advisories

Debian Bug report logs - #989056 rabbitmq-server: CVE-2021-22116: improper input validation may lead to DoS. Package: src:rabbitmq-server; Maintainer for src:rabbitmq-server is Debian OpenStack <team+openstack@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Mon, 24 May 2021 19:30:02 UTC ...
No description is available for this CVE ...
RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having the AMQP 1.0 plugin enabled ...

Recent Articles

DoS vulns in 3 open-source MQTT message brokers could leave users literally locked out of their homes or offices
The Register • Gareth Halfacree • 08 Jun 2021

If your IoT kit employs RabbitMQ, EMQ X or VerneMQ, it's time to get patching

Synopsys Cybersecurity Research Centre (CyRC) has warned of easily triggered denial-of-service (DoS) vulnerabilities in three popular open-source Internet of Things message brokers: RabbitMQ, EMQ X, and VerneMQ. The message brokers, responsible for handling data sent to or from IoT devices like smart home hubs and door locks, all share a common protocol: Message Queuing Telemetry Transport (MQTT), first released in 1999 for monitoring oil pipelines and since repurposed for a variety of home and ...