Headline
CVE-2017-4965 and CVE-2017-4967 | Security
An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the RabbitMQ management UI are vulnerable to XSS attacks.
CVE-2017-4965 and CVE-2017-4967: XSS vulnerabilities in RabbitMQ management UI
Severity
High
Vendor
Pivotal
Description
Several forms in the RabbitMQ management UI are vulnerable to XSS attacks.
Affected VMware Products and Versions
Severity is high unless otherwise noted.
- Pivotal RabbitMQ versions:
  - All 3.4.x versions
  - All 3.5.x versions
  - 3.6.x versions prior to 3.6.9
- RabbitMQ for PCF versions:
  - All 1.5.x versions
  - 1.6.x versions prior to 1.6.18
  - 1.7.x versions prior to 1.7.15

Please note: RabbitMQ for PCF 1.8.x versions are not vulnerable to this issue.
Mitigation
Users of affected versions should apply the following mitigation:
- Releases that have fixed this issue include:
  - Pivotal RabbitMQ: 3.6.9
  - RabbitMQ for PCF: 1.6.18, 1.7.15

Please note: Users of RabbitMQ for PCF versions 1.5.x or lower should upgrade to 1.6.18 or later.
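As a triage aid for the affected-version and mitigation lists above, the following is an added example (not part of this advisory or of the RabbitMQ project) that encodes the listed ranges and fixed releases as data and checks an inventory of installations against them; the product keys, function names and sample hosts are assumptions made here.

```python
# Added triage helper: encodes the affected ranges and fixed releases from
# this advisory so an operator can check an inventory of RabbitMQ installs.
from typing import Dict, Iterable, Iterator, Optional, Tuple

Version = Tuple[int, ...]

def parse_version(text: str) -> Version:
    """'3.6.9' -> (3, 6, 9); a pre-release suffix such as '-rc1' is dropped."""
    core = text.strip().split("-")[0]
    return tuple(int(part) for part in core.split("."))

# Per product (keys are labels chosen for this example): each affected minor
# line maps to the first fixed version, or None when the whole line is
# affected. PCF 1.8.x is absent because the advisory states it is not affected;
# lines the advisory does not list (e.g. PCF 1.4.x) are also reported as clean.
AFFECTED: Dict[str, Dict[Version, Optional[Version]]] = {
    "rabbitmq": {(3, 4): None, (3, 5): None, (3, 6): (3, 6, 9)},
    "rabbitmq-for-pcf": {(1, 5): None, (1, 6): (1, 6, 18), (1, 7): (1, 7, 15)},
}

def is_affected(product: str, version: str) -> bool:
    """True when the version falls inside a range the advisory lists."""
    v = parse_version(version)
    fixed_by_line = AFFECTED[product]
    line = v[:2]
    if line not in fixed_by_line:
        return False                      # outside every listed minor line
    first_fixed = fixed_by_line[line]
    return first_fixed is None or v < first_fixed   # tuple comparison

def recommended_upgrade(product: str, version: str) -> Optional[str]:
    """Fixed release to move to, following the advisory's mitigation notes."""
    if not is_affected(product, version):
        return None
    if product == "rabbitmq":
        return "3.6.9"
    major, minor = parse_version(version)[:2]
    # PCF 1.5.x or lower has no fixed release of its own: move to 1.6.18
    if (major, minor) <= (1, 6):
        return "1.6.18"
    return "1.7.15"

def triage(inventory: Iterable[Tuple[str, str, str]]) -> Iterator[Tuple[str, str, str, str]]:
    """Yield (host, product, version, upgrade) for each affected inventory entry."""
    for host, product, version in inventory:
        if is_affected(product, version):
            yield host, product, version, recommended_upgrade(product, version)
```

Feed `triage` a list of `(host, product, version)` tuples from your own inventory; entries outside the listed ranges are skipped.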
Credit
These issues were responsibly reported by the GE Digital Security Team and by Brandon Williams from Early Warning.
References
- https://github.com/rabbitmq/rabbitmq-server/releases/tag/rabbitmq_v3_6_9
History
2017-05-04: Initial vulnerability report published