CVE-2016-4432

Published: Jun 1, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass

mailing-list

x_refsource_BUGTRAQ

1035983

vdb-entry

x_refsource_SECTRACK

https://svn.apache.org/viewvc?view=revision&revision=1743393

x_refsource_CONFIRM

https://svn.apache.org/viewvc?view=revision&revision=1743161

x_refsource_CONFIRM

http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html

x_refsource_MISC

[qpid-users] 20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass

mailing-list

x_refsource_MLIST

https://issues.apache.org/jira/browse/QPID-7257

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-4432

Description

Affected Products

References