The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2013-03-12T15:00:00Z

Updated: 2024-09-16T18:34:59.045Z

Reserved: 2012-08-21T00:00:00Z

Link: CVE-2012-4446

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-03-14T03:10:22.530

Modified: 2024-11-21T01:42:54.900

Link: CVE-2012-4446

cve-icon Redhat

Severity : Moderate

Publid Date: 2013-03-06T00:00:00Z

Links: CVE-2012-4446 - Bugzilla