VerneMQ MQTT Broker versions prior to 1.12.0 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs. These inputs cause the message broker to consume large amounts of memory, resulting in the application being terminated by the operating system.
References
Link | Resource |
---|---|
https://www.synopsys.com/blogs/software-security/cyrc-advisory-rabbitmq-emqx-vernemq | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: SNPS
Published: 2021-06-08T14:31:23
Updated: 2021-06-08T14:31:23
Reserved: 2021-05-18T00:00:00
Link: CVE-2021-33176
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-06-08T15:15:07.977
Modified: 2021-06-21T13:43:44.680
Link: CVE-2021-33176
JSON object: View
Redhat Information
No data.