{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-03-12T15:00:00Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://issues.apache.org/jira/browse/QPID-4631"}, {"name": "RHSA-2013:0561", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0561.html"}, {"name": "RHSA-2013:0562", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0562.html"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=851355"}, {"name": "52516", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/52516"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4446", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://issues.apache.org/jira/browse/QPID-4631", "refsource": "CONFIRM", "url": "https://issues.apache.org/jira/browse/QPID-4631"}, {"name": "RHSA-2013:0561", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0561.html"}, {"name": "RHSA-2013:0562", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0562.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=851355", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=851355"}, {"name": "52516", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/52516"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:35:09.921Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.apache.org/jira/browse/QPID-4631"}, {"name": "RHSA-2013:0561", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0561.html"}, {"name": "RHSA-2013:0562", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0562.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=851355"}, {"name": "52516", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/52516"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-4446", "datePublished": "2013-03-12T15:00:00Z", "dateReserved": "2012-08-21T00:00:00Z", "dateUpdated": "2024-09-16T18:34:59.045Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:qpid:*:*:*:*:*:*:*:*", "matchCriteriaId": "2EFF35CD-0D3D-4B29-8E7A-9C39D7358A3A", "versionEndIncluding": "0.20", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "71A147B7-2E6B-4E7A-8C68-BEDFCACD57AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "760A5796-9BB5-45A3-AB0E-D3639D487A76", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D441FDC2-CA4E-43C5-A3DD-3715641E59A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "79CB1E30-BDD9-451E-A366-EE19C2E00AF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.9:*:*:*:*:*:*:*", "matchCriteriaId": "8690F211-CE64-4799-87C5-F2AEDB0500EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.10:*:*:*:*:*:*:*", "matchCriteriaId": "469FC441-523B-4C78-9B2D-46B8CCE8811E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.11:*:*:*:*:*:*:*", "matchCriteriaId": "BB64A222-C258-44BF-A83D-CFE1204F8009", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.12:*:*:*:*:*:*:*", "matchCriteriaId": "C584B299-0BB9-4B4F-B0BC-11DE222F1F17", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.13:*:*:*:*:*:*:*", "matchCriteriaId": "D74323FF-612A-48EE-A03E-D49CAD828101", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.14:*:*:*:*:*:*:*", "matchCriteriaId": "21261207-0DF5-460A-9F9B-F8CADB78DAF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.15:*:*:*:*:*:*:*", "matchCriteriaId": "F5A6F2E8-325C-4071-9862-8242B730B147", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.16:*:*:*:*:*:*:*", "matchCriteriaId": "578FB3FD-EA55-4A39-94D4-F4194C0F2BB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.17:*:*:*:*:*:*:*", "matchCriteriaId": "C67B5857-3CD8-445A-B60D-C0285BB60A07", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.18:*:*:*:*:*:*:*", "matchCriteriaId": "2949A7DC-2955-4770-94CE-5AB9EEC3B1DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:qpid:0.19:*:*:*:*:*:*:*", "matchCriteriaId": "B227D078-8298-4594-8F96-F2976F189B6A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request."}, {"lang": "es", "value": "La configuraci\u00f3n por defecto de Apache Qpid v0.20 y anteriores, cuando el atributo federation_tag est\u00e1 activo, acepta conexiones AMQP sin comprobar el ID del usuario que lo manda, lo que permite a atacantes remotos evitar la autenticaci\u00f3n y tener otras sin especificar a trav\u00e9s de peticiones AMQP."}], "id": "CVE-2012-4446", "lastModified": "2013-03-19T04:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-03-14T03:10:22.530", "references": [{"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2013-0561.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2013-0562.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/52516"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=851355"}, {"source": "secalert@redhat.com", "url": "https://issues.apache.org/jira/browse/QPID-4631"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Florian Weimer (Red Hat Product Security Team).", "affected_release": [{"advisory": "RHSA-2013:0561", "cpe": "cpe:/a:redhat:enterprise_mrg:2::el5", "package": "cumin-messaging-0:0.1.1-2.el5", "product_name": "MRG for RHEL-5 v. 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0561", "cpe": "cpe:/a:redhat:enterprise_mrg:2::el5", "package": "mrg-release-0:2.3.0-1.el5", "product_name": "MRG for RHEL-5 v. 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0561", "cpe": "cpe:/a:redhat:enterprise_mrg:2::el5", "package": "python-qpid-0:0.18-4.el5", "product_name": "MRG for RHEL-5 v. 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0561", "cpe": "cpe:/a:redhat:enterprise_mrg:2::el5", "package": "qpid-cpp-mrg-0:0.18-14.el5", "product_name": "MRG for RHEL-5 v. 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0561", "cpe": "cpe:/a:redhat:enterprise_mrg:2::el5", "package": "qpid-java-0:0.18-7.el5", "product_name": "MRG for RHEL-5 v. 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0561", "cpe": "cpe:/a:redhat:enterprise_mrg:2::el5", "package": "qpid-jca-0:0.18-8.el5", "product_name": "MRG for RHEL-5 v. 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0561", "cpe": "cpe:/a:redhat:enterprise_mrg:2::el5", "package": "qpid-qmf-0:0.18-15.el5", "product_name": "MRG for RHEL-5 v. 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0561", "cpe": "cpe:/a:redhat:enterprise_mrg:2::el5", "package": "qpid-tests-0:0.18-2.el5", "product_name": "MRG for RHEL-5 v. 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0561", "cpe": "cpe:/a:redhat:enterprise_mrg:2::el5", "package": "qpid-tools-0:0.18-8.el5", "product_name": "MRG for RHEL-5 v. 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0561", "cpe": "cpe:/a:redhat:enterprise_mrg:2::el5", "package": "rhm-docs-0:0.18-2.el5", "product_name": "MRG for RHEL-5 v. 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0561", "cpe": "cpe:/a:redhat:enterprise_mrg:2::el5", "package": "saslwrapper-0:0.18-1.el5", "product_name": "MRG for RHEL-5 v. 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "cumin-messaging-0:0.1.1-2.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "mrg-release-0:2.3.0-1.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "python-qpid-0:0.18-4.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "qpid-cpp-0:0.18-14.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "qpid-java-0:0.18-7.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "qpid-jca-0:0.18-8.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "qpid-qmf-0:0.18-15.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "qpid-tests-0:0.18-2.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "qpid-tools-0:0.18-8.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "rhm-docs-0:0.18-2.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "rubygem-rake-0:0.8.7-2.1.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "rubygems-0:1.8.16-1.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "saslwrapper-0:0.18-1.el6_3", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "xerces-c-0:3.0.1-20.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}, {"advisory": "RHSA-2013:0562", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "xqilla-0:2.2.3-8.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2013-03-06T00:00:00Z"}], "bugzilla": {"description": "qpid-cpp: qpid authentication bypass", "id": "851355", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=851355"}, "csaw": false, "cvss": {"cvss_base_score": "5.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "status": "verified"}, "details": ["The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request.", "It was found that the Apache Qpid daemon (qpidd) treated AMQP connections with the federation_tag attribute set as a broker-to-broker connection, rather than a client-to-server connection. This resulted in the source user ID of messages not being checked. A client that can establish an AMQP connection with the broker could use this flaw to bypass intended authentication. For Condor users, if condor-aviary is installed, this flaw could be used to submit jobs that would run as any user (except root, as Condor does not run jobs as root)."], "name": "CVE-2012-4446", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Affected", "package_name": "qpid-cpp", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2013-03-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-4446\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-4446\nhttps://issues.apache.org/jira/browse/QPID-4631"], "threat_severity": "Moderate", "upstream_fix": "qpid-cpp 0.23"}