Description
RabbitMQ before 3.4.0 allows remote attackers to bypass the loopback_users restriction via a crafted X-Forwareded-For header.
CVSS impact metrics
AV:N/AC:L/Au:N/C:N/I:P/A:N
5 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2015-01-20T15:59:08.233
10 years agoLast modified
2023-11-07T02:23:06.197
1 year ago