6.8
CVE-2015-8786
- EPSS 3.51%
- Veröffentlicht 09.12.2016 20:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2) lengths_incr parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pivotal Software ≫ Rabbitmq Version3.6.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.51% | 0.877 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 6.8 | 8 | 6.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:C
|
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://rhn.redhat.com/errata/RHSA-2017-0226.html
http://rhn.redhat.com/errata/RHSA-2017-0530.html
http://rhn.redhat.com/errata/RHSA-2017-0531.html
http://rhn.redhat.com/errata/RHSA-2017-0532.html
http://rhn.redhat.com/errata/RHSA-2017-0533.html
http://www.securityfocus.com/bid/91508
https://github.com/rabbitmq/rabbitmq-management/issues/97
https://github.com/rabbitmq/rabbitmq-server/releases/tag/rabbitmq_v3_6_1