Apache Qpid CVE-2011-3620 Unauthorized Access Security Bypass Vulnerability
BID:53305
Info
Apache Qpid CVE-2011-3620 Unauthorized Access Security Bypass Vulnerability
| Bugtraq ID: | 53305 |
| Class: | Access Validation Error |
| CVE: |
CVE-2011-3620 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 30 2012 12:00AM |
| Updated: | May 01 2012 08:51PM |
| Credit: | Red Hat |
| Vulnerable: |
Red Hat MRG Messaging RHEL 6 Server 2 Red Hat MRG Messaging for RHEL Server 2 Red Hat MRG Management for RHEL ComputeNode 2 Red Hat MRG Management RHEL 6 Server 2 Red Hat MRG Management RHEL 5 Server 2 Red Hat MRG Grid Execute Node for RHEL 6 ComputeNode 2 Red Hat Enterprise MRG Messaging 2.1 |
| Not Vulnerable: | |
Discussion
Apache Qpid CVE-2011-3620 Unauthorized Access Security Bypass Vulnerability
Apache Qpid is prone to a security-bypass vulnerability.
An attacker may leverage this issue to bypass certain security restrictions and gain unauthorized access to the affected application.
Apache Qpid 0.12 is vulnerable; other versions may also be affected.
NOTE: This BID was previously titled 'Red Hat Enterprise MRG Messaging Unauthorized Access Security Bypass Vulnerability', but has been rewritten to better document that the underlying vulnerability occurs in Apache Qpid.
Apache Qpid is prone to a security-bypass vulnerability.
An attacker may leverage this issue to bypass certain security restrictions and gain unauthorized access to the affected application.
Apache Qpid 0.12 is vulnerable; other versions may also be affected.
NOTE: This BID was previously titled 'Red Hat Enterprise MRG Messaging Unauthorized Access Security Bypass Vulnerability', but has been rewritten to better document that the underlying vulnerability occurs in Apache Qpid.
Exploit / POC
Red Hat Enterprise MRG Messaging Unauthorized Access Security Bypass Vulnerability
Currently we are not aware of any exploits. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Apache Qpid CVE-2011-3620 Unauthorized Access Security Bypass Vulnerability
Solution:
Vendor patch is available. Please see the references for more information.
Solution:
Vendor patch is available. Please see the references for more information.
References
Red Hat Enterprise MRG Messaging Unauthorized Access Security Bypass Vulnerability
References:
References:
- Red Hat Homepage (Red Hat)