Access Control Bypass in Mosquitto MQTT Broker by Eclipse Foundation
CVE-2017-7650

6.5 MEDIUM

Key Information:

CVE Published: 11 September 2017

What is CVE-2017-7650?

In certain versions of the Mosquitto MQTT broker, pattern-based ACLs can be evaded by clients that set their username or client ID to MQTT wildcard characters such as '#' or '+'. Because the pattern ACL substitutes the username or client ID into the topic filter, the wildcard is then interpreted as part of the filter, and the client is granted access to topics it should not be authorized to read or write. Both local and remote clients can exploit this to perform operations outside their intended permissions. The same flaw may also be present in third-party authentication and access control plugins used with Mosquitto, potentially widening its impact.
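The following is an added example, not code from the CVE record or from the Mosquitto project: a simplified model of pattern ACLs (Mosquitto's `%u` username and `%c` client-ID placeholders) that shows how a wildcard identity is expanded into an over-broad topic filter, beside a hardened variant that rejects such identities before substitution. The topic-matching routine is a reduced version of MQTT filter semantics (no `$`-prefixed system topics), and the usernames and topics are constructed sample values.

```python
"""Model of Mosquitto-style pattern ACLs and the wildcard-identity bypass.

Added educational example; the matching rules are simplified MQTT semantics,
and every identity and topic below is a constructed sample value.
"""

WILDCARDS = {"+", "#"}


def topic_matches(sub: str, topic: str) -> bool:
    """MQTT filter matching: '+' matches one level, '#' matches the remainder."""
    sub_levels, topic_levels = sub.split("/"), topic.split("/")
    for i, level in enumerate(sub_levels):
        if level == "#":
            return True  # multi-level wildcard swallows everything that follows
        if i >= len(topic_levels) or (level != "+" and level != topic_levels[i]):
            return False
    return len(sub_levels) == len(topic_levels)


def expand_pattern(pattern: str, username: str, client_id: str) -> str:
    """Substitute %u (username) and %c (client ID) the way pattern ACLs do."""
    return pattern.replace("%u", username).replace("%c", client_id)


def acl_allows_unchecked(pattern: str, username: str, client_id: str, topic: str) -> bool:
    # Flawed behaviour: the substituted identity is fed straight into the topic
    # filter, so a username of '+' or '#' turns a per-user rule into a wildcard rule.
    return topic_matches(expand_pattern(pattern, username, client_id), topic)


def acl_allows_hardened(pattern: str, username: str, client_id: str, topic: str) -> bool:
    # Mitigation (assumed shape, not Mosquitto's exact code): deny any identity
    # that carries MQTT wildcard characters before it can reach the pattern.
    if any(ch in WILDCARDS for ch in username + client_id):
        return False
    return acl_allows_unchecked(pattern, username, client_id, topic)


if __name__ == "__main__":
    rule = "devices/%u/telemetry"
    # Legitimate user confined to her own subtree.
    print(acl_allows_unchecked(rule, "alice", "c1", "devices/alice/telemetry"))  # True
    print(acl_allows_unchecked(rule, "alice", "c1", "devices/bob/telemetry"))    # False
    # Username '+' becomes a single-level wildcard and reads bob's topic.
    print(acl_allows_unchecked(rule, "+", "c1", "devices/bob/telemetry"))        # True
    print(acl_allows_hardened(rule, "+", "c1", "devices/bob/telemetry"))         # False
```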

Affected Version(s)

Mosquitto 0.15 to 1.4.11 inclusive

CVSS v3.1

Score: 6.5
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability reserved