Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-35789HistoryJun 16, 2023 - 9:15 p.m.
CVE-2023-35789
2023-06-1621:15:09
Debian Security Bug Tracker
security-tracker.debian.org
17
cve-2023-35789
unix
command line
local attackers
credentials visible
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
0
Percentile
5.1%
An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | librabbitmq | <= 0.11.0-1 | librabbitmq_0.11.0-1_all.deb |
| Debian | 11 | all | librabbitmq | <= 0.10.0-1 | librabbitmq_0.10.0-1_all.deb |
| Debian | 999 | all | librabbitmq | < 0.14.0-1 | librabbitmq_0.14.0-1_all.deb |
| Debian | 13 | all | librabbitmq | < 0.14.0-1 | librabbitmq_0.14.0-1_all.deb |
Related
osv
osv
CVE-2023-35789
2023-06-16 21:15:09
Moderate: librabbitmq security update
2023-11-07 00:00:00
Moderate: librabbitmq security update
2023-11-14 00:00:00
prion
prion
Design/Logic Flaw
2023-06-16 21:15:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:2823-1)
2024-02-28 00:00:00
almalinux
almalinux
Moderate: librabbitmq security update
2023-11-14 00:00:00
Moderate: librabbitmq security update
2023-11-07 00:00:00
nvd
nvd
CVE-2023-35789
2023-06-16 21:15:09
nessus
nessus
RHEL 8 : librabbitmq (RHSA-2023:7150)
2023-11-14 00:00:00
CentOS 8 : librabbitmq (CESA-2023:7150)
2023-11-14 00:00:00
redhatcve
redhatcve
CVE-2023-35789
2023-06-26 06:47:02
redhat
redhat
(RHSA-2023:7150) Moderate: librabbitmq security update
2023-11-14 08:46:38
(RHSA-2023:6482) Moderate: librabbitmq security update
2023-11-07 06:06:36
cve
cve
CVE-2023-35789
2023-06-16 21:15:09
oraclelinux
oraclelinux
librabbitmq security update
2023-11-17 00:00:00
librabbitmq security update
2023-11-11 00:00:00
cvelist
cvelist
CVE-2023-35789
2023-06-16 00:00:00
alpinelinux
alpinelinux
CVE-2023-35789
2023-06-16 21:15:09
freebsd
freebsd
RabbitMQ-C -- auth credentials visible in commandline tool options
2019-09-19 00:00:00
ibm
ibm
ubuntucve
ubuntucve
CVE-2023-35789
2023-06-16 00:00:00
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
0
Percentile
5.1%
Related for DEBIANCVE:CVE-2023-35789