CVE-2020-5419: RabbitMQ arbitrary code execution using local binary planting
Medium
VMware
RabbitMQ all versions prior to 3.7.28 and 3.8.x versions prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binary hijacking (planting) attack and execute arbitrary code. VMware Tanzu RabbitMQ products are not impacted as they don't use the Windows version of RabbitMQ.
Severity is medium unless otherwise noted.
-
RabbitMQ
- All versions prior to v3.7.28
- 3.8.x versions prior to v3.8.7
Users of affected versions should apply the following mitigation or upgrade. Releases that have fixed this issue include:
-
RabbitMQ
- v3.7.28
- v3.8.7
Ofir Hamam and Tomer Hadad at Ernst & Young's Hacktics Advanced Security Center
- https://github.com/rabbitmq/rabbitmq-server/releases/tag/v3.8.7
- https://tanzu.vmware.com/security/cve-2020-5419
2020-08-27: Initial vulnerability report published.