Logging Vulnerability in RabbitMQ for Pivotal Cloud Foundry
CVE-2016-0929
7.5HIGH
What is CVE-2016-0929?
A metric-collection component in RabbitMQ for Pivotal Cloud Foundry versions prior to 1.6.4 improperly logs command lines of failed commands. This vulnerability can potentially expose sensitive information, such as user credentials, through syslog messages that include command line details. Attackers with context access to these log files may exploit this flaw to retrieve sensitive data.
