CVE-2021-22116: Denial-of-Service Vulnerability due to improper input validation in RabbitMQ server
All RabbitMQ versions prior to 3.8.16 are prone to a denial-of-service vulnerability due to improper input validation in the AMQP 1.0 client connection endpoint.
A malicious user can exploit the vulnerability by sending malicious AMQP messages to a target RabbitMQ instance that has the AMQP 1.0 plugin enabled.
Affected VMware Products and Versions
Severity is high unless otherwise noted.
- 3.8.x versions prior to 3.8.16
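To triage a node against the two conditions above (a version earlier than 3.8.16 and the AMQP 1.0 plugin enabled), the following check can be used. It is an added example, not part of the original advisory or vendor tooling; the function names, status labels and the sample plugin listing are constructed for illustration, and the two commands named in the comments are an assumed way to collect the inputs on a live node.

```shell
#!/bin/sh
# Added example, not vendor code. Assumed inputs on a live node:
#   ver=$(rabbitmq-diagnostics -q server_version)
#   plugins=$(rabbitmq-plugins list -E -m)
FIXED_VERSION="3.8.16"            # first fixed release per the advisory
AMQP10_PLUGIN="rabbitmq_amqp1_0"  # name of the AMQP 1.0 plugin

# version_lt A B: true when dotted version A sorts strictly before B.
# Suffixes such as "-rc.1" or "+build" are ignored.
version_lt() {
    va="${1%%[-+]*}.0.0"
    vb="${2%%[-+]*}.0.0"
    for field in 1 2 3; do
        x=$(printf '%s' "$va" | cut -d. -f"$field")
        y=$(printf '%s' "$vb" | cut -d. -f"$field")
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
    done
    return 1
}

# plugin_enabled LIST: true when the AMQP 1.0 plugin is a whole line of LIST.
plugin_enabled() {
    printf '%s\n' "$1" | grep -qxF "$AMQP10_PLUGIN"
}

# cve_2021_22116_status VERSION PLUGIN_LIST
# Prints one of: exposed | upgrade-needed | fixed | unknown
cve_2021_22116_status() {
    case "${1%%[-+]*}" in
        ''|*[!0-9.]*|.*|*.|*..*) echo unknown; return 0 ;;
    esac
    if ! version_lt "$1" "$FIXED_VERSION"; then
        echo fixed
    elif plugin_enabled "$2"; then
        echo exposed          # affected version and plugin reachable
    else
        echo upgrade-needed   # affected version, plugin currently off
    fi
}

# Constructed sample of a plugin listing, one name per line.
SAMPLE_PLUGINS="rabbitmq_management
rabbitmq_amqp1_0
rabbitmq_web_dispatch"
```

A node reported as `upgrade-needed` still runs an affected version and becomes `exposed` as soon as the plugin is enabled.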
Users of affected versions should apply the following mitigation or upgrade:
Jonathan Knudsen of Synopsys Cybersecurity Research Center (CyRC)
2021-05-10: Initial vulnerability report published.