USN-3374-1 rabbitmq-server vulnerability

It was discovered that RabbitMQ incorrectly handled MQTT MQ Telemetry Transport authentication. A remote attacker could use this issue to authenticate successfully with an existing username by omitting the password...

CVE-2016-9877

An issue was discovered in Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x before 3.6.6 and RabbitMQ for PCF 1.5.x before 1.5.20, 1.6.x before 1.6.12, and 1.7.x before 1.7.7. MQTT MQ Telemetry Transport connection authentication with a username/password pair succeeds if an existing username is provid...