CVE-2021-22117: RabbitMQ Server vulnerable to arbitrary code execution attack
Severity
High
Vendor
VMware Tanzu
Description
RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins.
A malicious actor can execute arbitrary code on the running RabbitMQ server by adding arbitrary plugins.
Affected VMware Products and Versions
Severity is high unless otherwise noted.
- RabbitMQ
  - obsolete-default.x versions
  - 3.8.x versions prior to 3.8.16
Mitigation
Users of affected versions should apply the following mitigation or upgrade:
- RabbitMQ
  - 3.8.16
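To check whether an existing Windows installation exhibits the weak plugin directory permissions described above, the following PowerShell audit script, added here as an example and not part of the advisory or of RabbitMQ's own tooling, lists ACL entries on the plugin directory that grant write access to broad, low-privilege principals. The directory path is an assumption (taken from RABBITMQ_PLUGINS_DIR if set, otherwise from an assumed default installer layout); adjust it to your installation.

```powershell
# Added audit example (not from the advisory or from RabbitMQ). Flags ACL entries on the
# plugin directory that grant write access to broad, low-privilege principals.
# The default path is an ASSUMPTION about the installer layout; adjust as needed.
param(
    [string]$PluginDir = $env:RABBITMQ_PLUGINS_DIR
)

if (-not $PluginDir) {
    $root = 'C:\Program Files\RabbitMQ Server'   # assumed install root
    $PluginDir = Get-ChildItem -Path $root -Directory -Filter 'rabbitmq_server-*' |
        Select-Object -First 1 | ForEach-Object { Join-Path $_.FullName 'plugins' }
}
if (-not $PluginDir -or -not (Test-Path -LiteralPath $PluginDir)) {
    throw "Plugin directory not found; pass -PluginDir explicitly."
}

# Principals that should never be able to add files to the plugin directory.
$BroadPrincipals = @(
    'Everyone', 'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users', 'NT AUTHORITY\INTERACTIVE'
)
# Any bit of the Write composite (CreateFiles, CreateDirectories, WriteAttributes, ...),
# plus the generic rights that can appear in inherited ACEs.
$WriteMask = [int][System.Security.AccessControl.FileSystemRights]::Write -bor
             0x40000000 -bor 0x10000000   # GENERIC_WRITE, GENERIC_ALL

$acl = Get-Acl -LiteralPath $PluginDir
$findings = foreach ($ace in $acl.Access) {
    if ($ace.AccessControlType -ne 'Allow') { continue }
    if (([int]$ace.FileSystemRights -band $WriteMask) -eq 0) { continue }
    if ($BroadPrincipals -contains $ace.IdentityReference.Value) {
        [pscustomobject]@{
            Path      = $PluginDir
            Principal = $ace.IdentityReference.Value
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

if ($findings) {
    Write-Warning "Plugin directory is writable by low-privilege principals (CVE-2021-22117 condition):"
    $findings | Format-Table -AutoSize
    exit 1
}
Write-Output "OK: no broad write access on $PluginDir"
```

A non-zero exit with listed entries means the installation still needs the upgrade to 3.8.16 named in the mitigation above; the script only reports and does not change any ACLs.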
Credit
Robert Chen from DeepSurface Security
References
History
2021-05-10: Initial vulnerability report published.