Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-9877

EPSS 0.33% · P56
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2016-9877

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue was discovered in Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x before 3.6.6 and RabbitMQ for PCF 1.5.x before 1.5.20, 1.6.x before 1.6.12, and 1.7.x before 1.7.7. MQTT (MQ Telemetry Transport) connection authentication with a username/password pair succeeds if an existing username is provided but the password is omitted from the connection request. Connections that use TLS with a client-provided certificate are not affected.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Pivotal RabbitMQ和RabbitMQ for PCF 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Pivotal RabbitMQ和RabbitMQ for PCF都是美国Pivotal公司的产品。前者是一套实现了高级消息队列协议(AMQP)的开源消息代理软件,后者是一款开源的用于支持基于全局数据传送和高容量的数据监测的消息服务器。 Pivotal RabbitMQ和RabbitMQ for PCF中存在安全漏洞。攻击者可利用该漏洞绕过安全限制,获取未授权的访问权限。以下产品和版本受到影响:Pivotal RabbitMQ 3.5.8之前的3.x版本,3.6.6之前的3.6.x版本;RabbitMQ
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x before 3.6.6; RabbitMQ for PCF 1.5.x before 1.5.20, 1.6.x before 1.6.12 and 1.7.x before 1.7.7 Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x before 3.6.6; RabbitMQ for PCF 1.5.x before 1.5.20, 1.6.x before 1.6.12 and 1.7.x before 1.7.7 -

II. Public POCs for CVE-2016-9877

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2016-9877

登录查看更多情报信息。

Same Patch Batch · n/a · 2016-12-29 · 43 CVEs total

CVE-2016-7086VMware Workstation pro和Workstation Player 安全漏洞
CVE-2016-5328VMware Tools 信息泄露漏洞
CVE-2016-7457VMware vRealize Operations 权限许可和访问控制漏洞
CVE-2016-7456VMware vSphere Data Protection 信任管理漏洞
CVE-2016-7458VMware vSphere Client 信息泄露漏洞
CVE-2016-7461多款VMware产品安全漏洞
CVE-2016-7462VMware vRealize Operations 安全漏洞
CVE-2016-7463VMware vSphere Hypervisor 跨站脚本漏洞
CVE-2016-9878Pivotal Software Spring Framework 路径遍历漏洞
CVE-2016-7460VMware vCenter Server和vRealize Automation 安全漏洞
CVE-2016-7087VMware Horizon View 路径遍历漏洞
CVE-2016-7085VMware Workstation Pro和Workstation Player 安全漏洞
CVE-2016-7084VMware Workstation Pro和Workstation Player 安全漏洞
CVE-2016-7083VMware Workstation Pro和Workstation Player 安全漏洞
CVE-2016-7082VMware Workstation Pro和Workstation Player 安全漏洞
CVE-2016-7081VMware Workstation Pro和Workstation Player 缓冲区错误漏洞
CVE-2016-7080VMware Tools 安全漏洞
CVE-2016-7079VMware Tools 安全漏洞
CVE-2016-5334VMware Identity Manager和vRealize Automation 安全漏洞
CVE-2016-5329VMware Fusion 信息泄露漏洞

Showing top 20 of 43 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: n/a

V. Comments for CVE-2016-9877

No comments yet

Leave a comment