CVE-2017-15699

6.5MEDIUM

Key Information:

Vendor: Apache
Status: Apache Qpid Dispatch Router
Vendor: CVE Published:; 13 February 2018

Summary

A Denial of Service vulnerability was found in Apache Qpid Dispatch Router versions 0.7.0 and 0.8.0. To exploit this vulnerability, a remote user must be able to establish an AMQP connection to the Qpid Dispatch Router and send a specifically crafted AMQP frame which will cause it to segfault and shut down.

Affected Version(s)

Apache Qpid Dispatch Router Apache Qpid Dispatch Router 0.7.0 and 0.8.0

References

http://www.securityfocus.com/bid/103067

vdb-entryx_refsource_BID

https://issues.apache.org/jira/browse/DISPATCH-924

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 13, 2018
Vulnerability Reserved
Oct 21, 2017