24 matches found
CVE-2026-9844
Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology RabbitMQ Management interface modules allows Default Usernames and Passwords. This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1...
CVE-2026-44839 RabbitMQ: Unsanitized vhost names allow for XSS in management UI
RabbitMQ is a messaging and streaming broker. From 3.7.0 to before 4.1.2 and 4.0.13, This vulnerability is fixed in 4.1.2 and 4.0.13...
EUVD-2019-8961
Malware in sbrugna...
CVE-2024-28990
SolarWinds Access Rights Manager ARM was found to contain a hard-coded credential authentication bypass vulnerability. If exploited, this vulnerability would allow access to the RabbitMQ management console. We thank Trend Micro Zero Day Initiative ZDI for its ongoing partnership in coordinating...
Linux Distros Unpatched Vulnerability : CVE-2021-32719
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI vi...
SolarWinds Access Rights Manager Trust Management Issue Vulnerability
SolarWinds Access Rights Manager is a lightweight review management system from SolarWinds. A trust management issue vulnerability exists in SolarWinds Access Rights Manager that can be exploited by an attacker to access the RabbitMQ management console...
SUSE CVE-2014-9650
CRLF injection vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the download parameter to api/definitions...
SUSE CVE-2017-4967
An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the RabbitMQ...
CVE-2021-32719
CVE-2021-32719 affects RabbitMQ’s rabbitmq-server prior to version 3.8.18 where, when a federation link is shown in the management UI via the rabbitmq_federation_management plugin, the consumer tag is rendered without proper [removed] tag sanitization. This could allow JavaScript execution in the...
PT-2019-15815 · Pivotal +1 · Rabbitmq +1
Name of the Vulnerable Software and Affected Versions: Ansible Tower versions 3.5.x through 3.5.2 Ansible Tower versions 3.6.x through 3.6.1 Description: A flaw was found in Ansible Tower where enabling RabbitMQ manager by setting it with '-e rabbitmq enable manager=true' exposes the RabbitMQ...
DEBIAN-CVE-2017-4967
An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the RabbitMQ...
DEBIAN-CVE-2017-4966
An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. RabbitMQ management UI stores signed-...
UBUNTU-CVE-2017-4967
An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the RabbitMQ...
PT-2017-4069 · Pivotal +2 · Rabbitmq +2
Name of the Vulnerable Software and Affected Versions: RabbitMQ versions 3.4.x through 3.5.x and 3.6.x versions prior to 3.6.9 RabbitMQ for PCF versions 1.5.x and 1.6.x versions prior to 1.6.18 and 1.7.x versions prior to 1.7.15 Description: The issue is related to the disclosure of information. ...
Pivotal RabbitMQ Management Plugin Detection
Binary data pivotalrabbitmqmgmtdetect.nbin...
CVE-2015-8786
The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service resource consumption via the 1 lengthsage or 2 lengthsincr parameter...
Pivotal Software RabbitMQ management plugin cross-site scripting vulnerability (CNVD-2015-00813)
Pivotal Software RabbitMQ is a British company Pivotal Software's set of implementation of the Advanced Message Queuing Protocol AMQP open source message broker software. RabbitMQ management is one of the management plug-in . A cross-site scripting vulnerability exists in the management plug-in f...
DEBIAN-CVE-2014-9650
CRLF injection vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the download parameter to api/definitions...
DEBIAN-CVE-2014-9649
Cross-site scripting XSS vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/, which is not properly handled in an error message...
PT-2015-4326 · Pivotal +1 · Rabbitmq
Name of the Vulnerable Software and Affected Versions: RabbitMQ versions 2.1.0 through 3.4.x Description: A CRLF injection issue exists in the management plugin, allowing remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the download parameter to th...