Access Control Vulnerability in Apache Qpid by The Apache Software Foundation
CVE-2015-0223

Currently unrated

Key Information:

Vendor: Apache
Status: Qpid
Vendor: CVE Published:; 2 February 2015

Summary

An unspecified vulnerability in Apache Qpid versions 0.30 and earlier enables remote attackers to bypass access restrictions on qpidd due to inadequacies in handling 0-10 connections. This security flaw could potentially lead to unauthorized remote access, allowing attackers to exploit the system without correct permissions. It is crucial for organizations using affected versions to apply patches or update their software to mitigate potential risks.

References

https://access.redhat.com/errata/RHBA-2016:1500

vendor-advisoryx_refsource_REDHAT

http://www.securityfocus.com/bid/72319

vdb-entryx_refsource_BID

http://seclists.org/bugtraq/2015/Jan/122

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Feb 2, 2015
Vulnerability Reserved
Nov 18, 2014