CVE-2020-5419: RabbitMQ arbitrary code execution using local binary planting
RabbitMQ all versions prior to 3.7.28 and 3.8.x versions prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binary hijacking (planting) attack and execute arbitrary code. VMware Tanzu RabbitMQ products are not impacted as they don't use the Windows version of RabbitMQ.
Affected VMware Products and Versions
Severity is medium unless otherwise noted.
- All versions prior to v3.7.28
- 3.8.x versions prior to v3.8.7
Users of affected versions should apply the following mitigation or upgrade. Releases that have fixed this issue include:
Ofir Hamam and Tomer Hadad at Ernst & Young's Hacktics Advanced Security Center
2020-08-27: Initial vulnerability report published.