CVE-2021-22116: Denial-of-Service Vulnerability due to improper input validation in RabbitMQ server
All RabbitMQ versions prior to 3.8.16 are prone to a denial-of-service vulnerability due to improper input validation in the AMQP 1.0 client connection endpoint.
A malicious user can exploit the vulnerability by sending malicious AMQP messages to a target RabbitMQ instance that has the AMQP 1.0 plugin enabled.
Severity is high unless otherwise noted.
- 3.8.x versions prior to 3.8.16
Users of affected versions should apply the following mitigation or upgrade:
Jonathan Knudsen of Synopsys Cybersecurity Research Center (CyRC)
2021-05-10: Initial vulnerability report published.
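
A triage check for the exposure condition described above (a version prior to 3.8.16 with the AMQP 1.0 plugin enabled), added here as an example and not part of the original advisory. The function names, verdict strings and sample inputs are constructed for illustration; `rabbitmq_amqp1_0` is the plugin name as printed by `rabbitmq-plugins list -e -m`.

```shell
#!/bin/sh
# Added example: classify a RabbitMQ node against CVE-2021-22116.
# Inputs are the node's version string and its enabled-plugin list
# (one name per line, e.g. the output of `rabbitmq-plugins list -e -m`).

FIXED_VERSION="3.8.16"          # first fixed release, per the advisory
AMQP10_PLUGIN="rabbitmq_amqp1_0"

# version_lt A B: succeeds when A is numerically lower than B (x.y.z).
# Non-numeric suffixes on a component are ignored by awk's numeric coercion.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1   # equal versions are not "lower"
    }'
}

# assess VERSION PLUGINS: prints one of
#   not-affected              version is 3.8.16 or later
#   exposed                   affected version and AMQP 1.0 plugin enabled
#   affected-plugin-disabled  affected version, AMQP 1.0 plugin not enabled
assess() {
    version=$1
    plugins=$2
    if ! version_lt "$version" "$FIXED_VERSION"; then
        echo "not-affected"
        return 0
    fi
    # -x matches the whole line, so similarly named plugins do not match.
    if printf '%s\n' "$plugins" | grep -qx "$AMQP10_PLUGIN"; then
        echo "exposed"
    else
        echo "affected-plugin-disabled"
    fi
}

# Constructed sample inventory: "version|comma-separated enabled plugins".
for node in "3.8.9|rabbitmq_management,rabbitmq_amqp1_0" \
            "3.8.15|rabbitmq_management" \
            "3.8.16|rabbitmq_amqp1_0"; do
    ver=${node%%|*}
    plug=$(printf '%s' "${node#*|}" | tr ',' '\n')
    printf '%s: %s\n' "$ver" "$(assess "$ver" "$plug")"
done
```

A node reported as `affected-plugin-disabled` still runs an affected version and becomes exposed if the plugin is enabled later.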