Authentication Bypass Vulnerability in Apache Qpid by Red Hat
CVE-2012-4446

Currently unrated

Key Information:

Vendor

Apache
Status
Qpid
Vendor
CVE Published:
14 March 2013

What is CVE-2012-4446?

The default settings in Apache Qpid versions 0.20 and earlier, when utilizing the federation_tag attribute, permit AMQP connections without validating the source user ID. This flaw enables remote attackers to exploit authentication mechanisms, potentially resulting in unauthorized access and various unspecified impacts through crafted AMQP requests.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://issues.apache.org/jira/browse/QPID-4631
x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2013-0561.html
vendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2013-0562.html
vendor-advisoryx_refsource_REDHAT

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.