CVE-2016-4432 - OpenCVE

The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Qpid Broker-j

Configuration 1 [-]

cpe:2.3:a:apache:qpid_broker-j:*:*:*:*:*:*:*:*

References

Link	Resource
http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3CCAFEMS4tXDKYxKVMmU0zTb_7uzduoUS4_RePnUwz1tj%2BGQLNw5Q%40mail.gmail.com%3E	Vendor Advisory
http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html	Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/538508/100/0/threaded	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1035983	Broken Link Third Party Advisory VDB Entry
https://issues.apache.org/jira/browse/QPID-7257	Issue Tracking Vendor Advisory
https://svn.apache.org/viewvc?view=revision&revision=1743161	Patch Vendor Advisory
https://svn.apache.org/viewvc?view=revision&revision=1743393	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2016-06-01T20:00:00

Updated: 2018-10-09T18:57:01

Reserved: 2016-05-02T00:00:00

Link: CVE-2016-4432

JSON object: View

NVD Information

Status : Analyzed

Published: 2016-06-01T20:59:07.093

Modified: 2022-12-07T16:39:30.540

Link: CVE-2016-4432

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-05-27T00:00:00", "descriptions": [{"lang": "en", "value": "The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/538508/100/0/threaded"}, {"name": "1035983", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1035983"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://svn.apache.org/viewvc?view=revision&revision=1743393"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://svn.apache.org/viewvc?view=revision&revision=1743161"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html"}, {"name": "[qpid-users] 20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3CCAFEMS4tXDKYxKVMmU0zTb_7uzduoUS4_RePnUwz1tj%2BGQLNw5Q%40mail.gmail.com%3E"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.apache.org/jira/browse/QPID-7257"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2016-4432", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/538508/100/0/threaded"}, {"name": "1035983", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035983"}, {"name": "https://svn.apache.org/viewvc?view=revision&revision=1743393", "refsource": "CONFIRM", "url": "https://svn.apache.org/viewvc?view=revision&revision=1743393"}, {"name": "https://svn.apache.org/viewvc?view=revision&revision=1743161", "refsource": "CONFIRM", "url": "https://svn.apache.org/viewvc?view=revision&revision=1743161"}, {"name": "http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html"}, {"name": "[qpid-users] 20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass", "refsource": "MLIST", "url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3CCAFEMS4tXDKYxKVMmU0zTb_7uzduoUS4_RePnUwz1tj%2BGQLNw5Q%40mail.gmail.com%3E"}, {"name": "https://issues.apache.org/jira/browse/QPID-7257", "refsource": "CONFIRM", "url": "https://issues.apache.org/jira/browse/QPID-7257"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-4432", "datePublished": "2016-06-01T20:00:00", "dateReserved": "2016-05-02T00:00:00", "dateUpdated": "2018-10-09T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:qpid_broker-j:*:*:*:*:*:*:*:*", "matchCriteriaId": "EEF0FE3D-D08E-48BD-BBFC-1F7E781BC3D5", "versionEndExcluding": "6.0.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging."}, {"lang": "es", "value": "La manipulaci\u00f3n de conexi\u00f3n AMQP 0-8, 0-9, 0-91 y 0-10 en Apache Qpid Java en versiones anteriores a 6.0.3 podr\u00eda permitir a atacantes remotos eludir la autenticaci\u00f3n y consecuentemente realizar acciones a trav\u00e9s de vectores relacionados con el registro de estado de conexi\u00f3n."}], "id": "CVE-2016-4432", "lastModified": "2022-12-07T16:39:30.540", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-06-01T20:59:07.093", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://mail-archives.apache.org/mod_mbox/qpid-users/201605.mbox/%3CCAFEMS4tXDKYxKVMmU0zTb_7uzduoUS4_RePnUwz1tj%2BGQLNw5Q%40mail.gmail.com%3E"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/137216/Apache-Qpid-Java-Broker-6.0.2-Authentication-Bypass.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/538508/100/0/threaded"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1035983"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://issues.apache.org/jira/browse/QPID-7257"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://svn.apache.org/viewvc?view=revision&revision=1743161"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://svn.apache.org/viewvc?view=revision&revision=1743393"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}