Vulnerability Details : CVE-2019-11287
Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing.
Vulnerability category: OverflowDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2019-11287
Probability of exploitation activity in the next 30 days: 45.05%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2019-11287
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
|
4.5
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H |
0.9
|
3.6
|
Pivotal Software, Inc. |
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2019-11287
-
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.Assigned by: nvd@nist.gov (Primary)
-
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.Assigned by: security@pivotal.io (Secondary)
References for CVE-2019-11287
-
https://lists.debian.org/debian-lts-announce/2021/07/msg00011.html
[SECURITY] [DLA 2710-1] rabbitmq-server security updateThird Party Advisory
-
https://pivotal.io/security/cve-2019-11287
CVE-2019-11287: RabbitMQ Web Management Plugin DoS via heap overflow | Security | PivotalVendor Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYTGR3D5FW2O25RXZOTIZMOD2HAUVBE4/
[SECURITY] Fedora 30 Update: rabbitmq-server-3.7.22-1.fc30 - package-announce - Fedora Mailing-ListsThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0078
RHSA-2020:0078 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EEQ6O7PMNJKYFMQYHAB55L423GYK63SO/
[SECURITY] Fedora 31 Update: rabbitmq-server-3.7.22-1.fc31 - package-announce - Fedora Mailing-ListsThird Party Advisory
-
https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-11287-DoS%20via%20Heap%20Overflow-RabbitMQ%20Web%20Management%20Plugin
Disclosures/CVE-2019-11287-DoS via Heap Overflow-RabbitMQ Web Management Plugin at master · DrunkenShells/Disclosures · GitHubExploit;Third Party Advisory
Products affected by CVE-2019-11287
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:15:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:rabbitmq:*:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:rabbitmq:*:*:*:*:*:*:*:*
- Pivotal Software » Rabbitmq » For Pivotal Cloud FoundryVersions from including (>=) 1.16.0 and before (<) 1.16.7cpe:2.3:a:pivotal_software:rabbitmq:*:*:*:*:*:pivotal_cloud_foundry:*:*
- Pivotal Software » Rabbitmq » For Pivotal Cloud FoundryVersions from including (>=) 1.17.0 and before (<) 1.17.4cpe:2.3:a:pivotal_software:rabbitmq:*:*:*:*:*:pivotal_cloud_foundry:*:*