CVE-2012-4446: CVE-2012-4446

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-4446

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Apache Qpid 认证绕过漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Apache Qpid是美国阿帕奇（Apache）软件基金会开发的一款面向对象的消息中间件，它是一个AMQP（高级消息队列协议）的实现，可以和符合AMQP协议的系统进行通信，并提供了C++、Python、Java、C#等编程语言的客户端库。Qpid AMQP 0-x JMS client和Qpid JMS client都是其中的客户端组件。 Apache Qpid 0.20和较早版本中的默认配置中存在漏洞，该漏洞源于federation_tag属性启用时，程序不检查源用户ID接受AMQP连接。通过AMQP

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2012-4446

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2012-4446

Please Login to view more intelligence information

🔗 [QPID-4631] C++ Broker interbroker links should be protected by ACL - ASF JIRA Read full article x_refsource_CONFIRM
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=851355x_refsource_MISC
🔗 http://secunia.com/advisories/52516third-party-advisoryx_refsource_SECUNIA
🔗 http://rhn.redhat.com/errata/RHSA-2013-0561.htmlvendor-advisoryx_refsource_REDHAT
🔗 http://rhn.redhat.com/errata/RHSA-2013-0562.htmlvendor-advisoryx_refsource_REDHAT
https://nvd.nist.gov/vuln/detail/CVE-2012-4446

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2012-4446

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2012-4446

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2012-4446

III. Intelligence Information for CVE-2012-4446

IV. Related Vulnerabilities

V. Comments for CVE-2012-4446

Leave a comment