2 matches found
CVE-2018-12551
When Eclipse Mosquitto version 1.0 to 1.5.5 inclusive is configured to use a password file for authentication, any malformed data in the password file will be treated as valid. This typically means that the malformed data becomes a username and no password. If this occurs, clients can circumvent...
CVE-2018-12551
When Eclipse Mosquitto version 1.0 to 1.5.5 inclusive is configured to use a password file for authentication, any malformed data in the password file will be treated as valid. This typically means that the malformed data becomes a username and no password. If this occurs, clients can circumvent...