HTTP: Pivotal RabbitMQ X-Reason HTTP Header Denial of Service

This signature detects attempts to exploit a known denial-of-service vulnerability in the web management plugin of Pivotal RabbitMQ. A successful attack exhausts the broker's heap and crashes the server.

Extended Description

Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, versions 1.16.x prior to 1.16.7 and 1.17.x prior to 1.17.4, ship a web management plugin that is vulnerable to denial of service. The plugin passes the value of the "X-Reason" HTTP header to an Erlang formatting function as a format string rather than as plain data, so a request carrying Erlang format control sequences in that header is expanded by the formatter; a crafted value grows large enough to consume the heap and crash the server. Upgrading to 3.7.21 or 3.8.1 (1.16.7 or 1.17.4 for RabbitMQ for Pivotal Platform) removes the flaw.
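
As an added illustration of the header check this signature performs (example code written for this page, not Juniper's signature logic and not RabbitMQ's own code): a small Python detector that parses a raw HTTP request, extracts X-Reason, and flags any Erlang io:format control sequence found in it, escalating when the requested field width is large enough to expand into a heap-exhausting string. Assumptions: the sample requests, host names and connection name are constructed; the management API's connection-close endpoint is used only because it documents X-Reason as an optional header, and the WIDTH_ALARM threshold is an assumed value to tune per deployment.

```python
import re
from typing import Dict, List

# Summary of Erlang's io:format control-sequence grammar, ~F.P.PadModC:
# F is the field width (digits, '-' prefix for left-justify, or '*'),
# P the precision, Pad the padding character, Mod one of t/l/k/K and
# C the control character. A reason string should never contain one.
ERLANG_DIRECTIVE = re.compile(
    r"~(?P<width>\*|-?\d+)?"
    r"(?:\.(?P<prec>\*|\d+))?"
    r"(?:\.(?P<pad>\*|.))?"
    r"(?P<mod>[tlkK]*)"
    r"(?P<ctrl>[~cfegswpWPBX#bx+ni])"
)

# Field width above which a single directive pads to a dangerous size.
# Assumed threshold for this example, not a value from the advisory.
WIDTH_ALARM = 1_000_000


def parse_request(raw: bytes) -> Dict[str, object]:
    """Parse the request line and headers of a raw HTTP/1.x request.
    Header names are lower-cased; repeated headers are kept as a list."""
    text = raw.decode("latin-1")
    sep = "\r\n\r\n" if "\r\n\r\n" in text else "\n\n"
    lines = text.split(sep, 1)[0].splitlines()
    if not lines:
        raise ValueError("empty request")
    method, target, version = lines[0].split(" ", 2)
    headers: Dict[str, List[str]] = {}
    for line in lines[1:]:
        if not line.strip():
            continue
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return {"method": method, "target": target, "version": version, "headers": headers}


def find_format_directives(value: str) -> List[Dict[str, object]]:
    """Return every Erlang control sequence in value with its effective
    field width: 0 when none is given, -1 when '*' (taken from the
    argument list, so unbounded from the inspector's point of view)."""
    found = []
    for m in ERLANG_DIRECTIVE.finditer(value):
        w = m.group("width")
        width = 0 if w is None else (-1 if w == "*" else abs(int(w)))
        found.append({"directive": m.group(0), "ctrl": m.group("ctrl"), "width": width})
    return found


def inspect_x_reason(raw: bytes) -> Dict[str, object]:
    """Drop/allow policy modelled on the signature's recommended action:
    any control sequence in X-Reason is suspicious (even '~~'), and a huge
    or argument-supplied width is the heap-expansion case."""
    req = parse_request(raw)
    values = req["headers"].get("x-reason", [])
    if not values:
        return {"verdict": "allow", "reason": "no X-Reason header"}
    directives: List[Dict[str, object]] = []
    for v in values:
        directives.extend(find_format_directives(v))
    if not directives:
        return {"verdict": "allow", "reason": "X-Reason carries no format directive"}
    dangerous = any(d["width"] == -1 or d["width"] >= WIDTH_ALARM for d in directives)
    return {"verdict": "drop", "severity": "high" if dangerous else "medium",
            "directives": directives}


# Constructed sample traffic, not captured from a real deployment.
BENIGN = (
    b"DELETE /api/connections/127.0.0.1%3A5672 HTTP/1.1\r\n"
    b"Host: rabbit.example.internal:15672\r\n"
    b"X-Reason: operator closed idle connection\r\n"
    b"\r\n"
)
MALICIOUS = (
    b"DELETE /api/connections/127.0.0.1%3A5672 HTTP/1.1\r\n"
    b"Host: rabbit.example.internal:15672\r\n"
    b"X-Reason: ~999999999c\r\n"
    b"\r\n"
)

if __name__ == "__main__":
    for label, req in (("benign", BENIGN), ("malicious", MALICIOUS)):
        print(label, inspect_x_reason(req))
```

The check is deliberately strict: a free-text reason has no legitimate use for a tilde directive, so the detector drops on any match and only uses the width to grade severity. The same rule is the server-side fix in spirit: treat the header as data (in Erlang, format it through a "~s" placeholder) rather than as a format string.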

Affected Products

Debian Linux (debian_linux)

References

CVE: CVE-2019-11287

Short Name
HTTP:CTS:RABBITMQ-X-REASON-DOS
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2019-11287, Pivotal RabbitMQ, X-Reason HTTP Header, Denial of Service
Release Date
01/29/2020
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Pivotal Software

Fedora Project

VMware

Red Hat

Debian

CVSS Score

5.0 (CVSS v2 base score)
