Home

CVE-2016-4432

Description

The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging.

Risk Information

Base Score
9.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.39

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2016-4432 are fixed in Apache - qpid-broker-plugins-amqp-0-8-protocol 6.0.3Windows
Vulnerabilities CVE-2016-4432 are fixed in Apache - qpid-broker-plugins-amqp-1-0-protocol 6.0.3Windows
Vulnerabilities CVE-2016-4432 are fixed in Apache - qpid-broker-plugins-amqp-0-8-protocol for Linux 6.0.3Linux
Vulnerabilities CVE-2016-4432 are fixed in Apache - qpid-broker-plugins-amqp-1-0-protocol for Linux 6.0.3Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234