RabbitMQ 3.8.x < 3.8.32 / 3.9.x < 3.9.18 / 3.10.x < 3.10.2 Predictable credential obfuscation

Severity: High | Nessus Plugin ID 234567

Synopsis

An application installed on the remote host is affected by a vulnerability.

Description

The version of RabbitMQ installed on the remote host is 3.8.x prior to 3.8.32, 3.9.x prior to 3.9.18, or 3.10.x prior to 3.10.2. It is, therefore, affected by a vulnerability:

- RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions, the Shovel and Federation plugins obfuscate URIs held in their worker (link) state, but the encryption key used to encrypt the URI was seeded with a predictable secret. As a result, when certain exceptions occur in the Shovel or Federation plugins, URI data (which may include credentials) can appear in the node log in a form that is reasonably easy to deobfuscate. (CVE-2022-31008)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to RabbitMQ version 3.8.32, 3.9.18, or 3.10.2 or later.

See Also

http://www.nessus.org/u?be4b6264

Plugin Details

Severity: High

ID: 234567

File Name: rabbitmq_3_10_2.nasl

Version: 1.1

Type: local

Agent: unix

Family: Misc.

Published: 4/17/2025

Updated: 4/17/2025

Configuration: Enable thorough checks (optional)

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

CVSS Score Source: CVE-2022-31008

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: cpe:/a:pivotal_software:rabbitmq

Required KB Items: installed_sw/RabbitMQ

Patch Publication Date: 10/5/2022

Vulnerability Publication Date: 10/5/2022

Reference Information

CVE: CVE-2022-31008