Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2019-11287
HistoryDec 13, 2019 - 3:08 p.m.

CVE-2019-11287

2019-12-1315:08:28
redhat.com
access.redhat.com
6

0.451 Medium

EPSS

Percentile

97.4%

JSON

A resource-consumption flaw was identified in the rabbitmq-server web management plugin. Utilizing a malicious ‘X-Reason’ HTTP header, a remote attacker could insert a malicious Erlang format string which will expand and consume heap memory, resulting in a crash. The highest threat from this vulnerability is system availability.

Mitigation

This flaw can be mitigated by disabling the Web Management plugin: rabbitmq-plugins disable rabbitmq_management.

Related

ubuntucve 1
checkpoint_advisories 1
symantec 1
nessus 6
prion 1
cvelist 1
nvd 1
debiancve 1
veracode 1
osv 4
cve 1
github 1
fedora 2
openvas 4
redhat 1
ubuntu 1
debian 1
oracle 1
ubuntucve
ubuntucve
CVE-2019-11287
2019-11-23 00:00:00
checkpoint_advisories
checkpoint_advisories
Pivotal RabbitMQ X-Reason Denial of Service (CVE-2019-11287)
2020-04-27 00:00:00
symantec
symantec
Pivotal RabbitMQ CVE-2019-11287 Remote Denial of Service Vulnerability
2019-11-22 00:00:00
nessus
nessus
Pivotal RabbitMQ 3.7.x < 3.7.21 / 3.8.x < 3.8.1 Denial of Service
2020-12-29 00:00:00
Fedora 30 : rabbitmq-server (2019-74d2feb5be)
2019-12-09 00:00:00
Fedora 31 : rabbitmq-server (2019-6497f51791)
2019-12-09 00:00:00
prion
prion
Format string
2019-11-23 00:15:00
cvelist
cvelist
CVE-2019-11287 RabbitMQ Web Management Plugin DoS via heap overflow
2019-11-22 00:00:00
nvd
nvd
CVE-2019-11287
2019-11-23 00:15:10
debiancve
debiancve
CVE-2019-11287
2019-11-23 00:15:10
veracode
veracode
Denial Of Service
2021-08-12 14:37:10
osv
osv
Pivotal RabbitMQ is vulnerable to a denial of service attack
2022-05-24 17:01:50
CVE-2019-11287
2019-11-23 00:15:10
rabbitmq-server vulnerabilities
2021-06-24 15:04:30
cve
cve
CVE-2019-11287
2019-11-23 00:15:10
github
github
Pivotal RabbitMQ is vulnerable to a denial of service attack
2022-05-24 17:01:50
fedora
fedora
[SECURITY] Fedora 30 Update: rabbitmq-server-3.7.22-1.fc30
2019-12-07 01:32:21
[SECURITY] Fedora 31 Update: rabbitmq-server-3.7.22-1.fc31
2019-12-07 01:51:04
openvas
openvas
Ubuntu: Security Advisory (USN-5004-1)
2021-06-25 00:00:00
Fedora Update for rabbitmq-server FEDORA-2019-74d2feb5be
2019-12-08 00:00:00
Fedora Update for rabbitmq-server FEDORA-2019-6497f51791
2020-01-09 00:00:00
redhat
redhat
(RHSA-2020:0078) Important: rabbitmq-server security update
2020-01-13 10:03:48
ubuntu
ubuntu
RabbitMQ vulnerabilities
2021-06-24 00:00:00
debian
debian
[SECURITY] [DLA 2710-1] rabbitmq-server security update
2021-07-19 17:21:29
oracle
oracle
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00

0.451 Medium

EPSS

Percentile

97.4%

JSON
Related for RH:CVE-2019-11287
ubuntucve1checkpoint_advisories1symantec1nessus6prion1cvelist1nvd1debiancve1veracode1osv4cve1github1fedora2openvas4redhat1ubuntu1debian1oracle1