Authentication Bypass in Apache Qpid Broker-J by Remote Attackers
CVE-2017-15702
Summary
In versions 0.18 to 0.32 of Apache Qpid Broker-J, a misconfiguration of authentication providers across different ports can expose the broker to remote unauthenticated attacks. If one of the configured ports operates over HTTP, an attacker can connect to it and make use of the authentication provider intended for a different, potentially less secure, port. This allows firewall protections to be circumvented, especially when the authentication provider borrowed from the other port lacks rigorous security measures, such as accepting anonymous access or using default account credentials. Versions 6.0.0 and newer are not affected by this flaw.
Affected Version(s)
Apache Qpid Broker-J 0.18 through 0.32