Lucene search
HistoryMay 03, 2012 - 11:55 p.m.
CVE-2011-3620
cve-2011-3620
apache qpid
cluster
remote attackers
credential verification
messaging functionality
job functionality
6.5 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
79.8%
Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote attackers to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache:qpid | apache qpid | eq | 0.12 |
Related
nessus
nessus
RHEL 5 : MRG (RHSA-2012:0529)
2014-07-22 00:00:00
RHEL 6 : Red Hat Enterprise MRG Messaging 2.1 (RHSA-2012:0528)
2014-07-22 00:00:00
ubuntucve
ubuntucve
CVE-2011-3620
2012-05-03 00:00:00
prion
prion
Design/Logic Flaw
2012-05-03 23:55:00
seebug
seebug
Apache Qpid非法访问安全限制绕过漏洞
2012-05-03 00:00:00
redhat
redhat
cvelist
cvelist
CVE-2011-3620
2012-05-03 23:00:00
veracode
veracode
Authorization Bypass
2019-01-15 08:50:58
6.5 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
79.8%
Related for CVE-2011-3620