All versions of RabbitMQ before 3.8.16 are prone to a denial-of-service vulnerability due to improper input validation in the AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to a target RabbitMQ instance that has the AMQP 1.0 plugin enabled.
Vulnerable Product |
---|
vmware rabbitmq |
debian debian linux 9.0 |
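The advisory names two conditions for exposure: a version before 3.8.16 and the AMQP 1.0 plugin being enabled. The following is an added example, not part of the original advisory, that checks both for an inventory of brokers. It assumes you have each node's version string and the contents of its `enabled_plugins` file (an Erlang term list of explicitly enabled plugins); the function names and sample inventory are constructed for illustration.

```python
import re

FIXED = (3, 8, 16)                  # first fixed release named in the advisory
AMQP10_PLUGIN = "rabbitmq_amqp1_0"  # RabbitMQ's AMQP 1.0 plugin


def parse_version(version):
    """Split '3.8.9' or '3.8.16-rc.1' into ((3, 8, 9), suffix)."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)(\S*)", version)
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(p) for p in m.group(1, 2, 3)), m.group(4)


def is_before_fix(version):
    """True if the version sorts before 3.8.16 (numeric, not string, compare)."""
    nums, suffix = parse_version(version)
    if nums != FIXED:
        return nums < FIXED
    # A pre-release of the fixed version (e.g. 3.8.16-rc.1) predates the release.
    return suffix.startswith("-")


def enabled_plugins(text):
    """Extract plugin atoms from an Erlang-term list such as '[a,b].'."""
    text = re.sub(r"%.*", "", text)  # drop Erlang line comments
    return set(re.findall(r"[a-z][A-Za-z0-9_]*", text))


def exposed(version, plugins_text):
    """Both conditions from the advisory: old version AND AMQP 1.0 enabled."""
    return is_before_fix(version) and AMQP10_PLUGIN in enabled_plugins(plugins_text)


if __name__ == "__main__":
    # Constructed sample inventory: (node, version, enabled_plugins contents).
    inventory = [
        ("broker-a", "3.8.9", "[rabbitmq_management,rabbitmq_amqp1_0]."),
        ("broker-b", "3.8.9", "[rabbitmq_management,rabbitmq_mqtt]."),
        ("broker-c", "3.8.16", "[rabbitmq_amqp1_0]."),
        ("broker-d", "3.10.2", "[rabbitmq_amqp1_0]."),
    ]
    for node, version, plugins in inventory:
        status = "EXPOSED" if exposed(version, plugins) else "ok"
        print(f"{node}: {version} -> {status}")
```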
If your IoT kit employs RabbitMQ, EMQ X or VerneMQ, it's time to get patching
Synopsys Cybersecurity Research Centre (CyRC) has warned of easily triggered denial-of-service (DoS) vulnerabilities in three popular open-source Internet of Things message brokers: RabbitMQ, EMQ X, and VerneMQ. The message brokers, responsible for handling data sent to or from IoT devices like smart home hubs and door locks, all share a common protocol: Message Queuing Telemetry Transport (MQTT), first released in 1999 for monitoring oil pipelines and since repurposed for a variety of home and ...