Lucene search

EclipseCVE-2017-7650

HistorySep 11, 2017 - 4:29 p.m.

CVE-2017-7650

2017-09-1116:29:00

CWE-287

eclipse

web.nvd.nist.gov

cve-2017-7650

mosquitto

acl bypass

mqtt

third party plugins

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.2

Confidence

High

EPSS

0.284

Percentile

96.9%

JSON

In Mosquitto before 1.4.12, pattern based ACLs can be bypassed by clients that set their username/client id to ‘#’ or ‘+’. This allows locally or remotely connected clients to access MQTT topics that they do have the rights to. The same issue may be present in third party authentication/access control plugins for Mosquitto.

Affected configurations

Nvd

Node

eclipsemosquittoRange<1.4.12

Node

debiandebian_linuxMatch8.0

VendorProductVersionCPE
eclipsemosquitto*cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*
debiandebian_linux8.0cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
eclipse	mosquitto	*	cpe:2.3:a:eclipse:mosquitto::::::::
debian	debian_linux	8.0	cpe:2.3:o:debian:debian_linux:8.0:::::::*

CNA Affected

[
  {
    "product": "Mosquitto",
    "vendor": "Eclipse Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "0.15 to 1.4.11 inclusive"
      }
    ]
  }
]