RabbitMQ -- Authentication vulnerability

2016-12-06T00:00:00
ID 6AA956FB-D97F-11E6-A071-001E67F15F5A
Type freebsd
Reporter FreeBSD
Modified 2016-12-06T00:00:00

Description

Pivotal.io reports:

MQTT (MQ Telemetry Transport) connection authentication with a username/password pair succeeds if an existing username is provided but the password is omitted from the connection request. Connections that use TLS with a client-provided certificate are not affected.