Apache Qpid CVE-2012-4446 Authentication Bypass Vulnerability
BID:58379
Info
Apache Qpid CVE-2012-4446 Authentication Bypass Vulnerability
| Bugtraq ID: | 58379 |
| Class: | Design Error |
| CVE: |
CVE-2012-4446 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 05 2013 12:00AM |
| Updated: | Mar 05 2013 12:00AM |
| Credit: | Florian Weimer, Red Hat Product Security Team |
| Vulnerable: |
Red Hat MRG Realtime for RHEL 6 Server 2 Red Hat MRG Messaging RHEL 6 Server 2 Red Hat MRG Messaging for RHEL Server 2 Red Hat MRG Management for RHEL ComputeNode 2 Red Hat MRG Management RHEL 6 Server 2 Red Hat MRG Management RHEL 5 Server 2 Red Hat MRG Grid Execute Node for RHEL 6 ComputeNode 2 |
| Not Vulnerable: | |
Discussion
Apache Qpid CVE-2012-4446 Authentication Bypass Vulnerability
Apache Qpid is prone to an authentication-bypass vulnerability.
Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access.
Apache Qpid is prone to an authentication-bypass vulnerability.
Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access.
Exploit / POC
Apache Qpid CVE-2012-4446 Authentication Bypass Vulnerability
Attackers can exploit this issue using readily available tools.
Attackers can exploit this issue using readily available tools.
Solution / Fix
Apache Qpid CVE-2012-4446 Authentication Bypass Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Apache Qpid CVE-2012-4446 Authentication Bypass Vulnerability
References:
References: