RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binary hijacking (planting) attack and execute arbitrary code.
References
Link | Resource |
---|---|
https://tanzu.vmware.com/security/cve-2020-5419 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
17 Mar 2022, 14:10
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:vmware:rabbitmq:*:*:*:*:*:*:*:* |
Information
Published : 2020-08-31 15:15
Updated : 2024-02-04 21:00
NVD link : CVE-2020-5419
Mitre link : CVE-2020-5419
CVE.ORG link : CVE-2020-5419
JSON object : View
Products Affected
vmware
- rabbitmq
pivotal_software
- rabbitmq
CWE
CWE-427
Uncontrolled Search Path Element