BIT-rabbitmq-2021-22117

BIT-rabbitmq-2021-22117 PUBLISHED CVSS 7.800000190734863 HIGH

RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins.

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Bitnami	rabbitmq	3.8.0, 3.8.0, 3.8.0

Timeline

Mar 6, 2024 CVE Published
Mar 6, 2024 CVE Updated

References

https://tanzu.vmware.com/security/cve-2021-22117 url

Open in Interactive Console →