Pivotal.RabbitMQ.X-Reason.HTTP.Header.DoS
Description
This indicates an attack attempt to exploit a Denial of Service vulnerability in Pivotal RabbitMQ for Pivotal Platform.
The vulnerability is due to unbounded memory consumption when RabbitMQ processes an X-Reason HTTP header containing a crafted Erlang format string. Successful exploitation causes the RabbitMQ Erlang program to terminate abnormally.
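An added example, not part of the original advisory or of the vendor's signature: a Python check that extracts the X-Reason header from a raw HTTP request and flags Erlang format control sequences (the `~`-prefixed directives) in its value. The sample requests, host name and path are constructed placeholders, and treating any such directive in this header as suspicious is an assumption of the example.

```python
import re

# Erlang format control sequence: "~", optional field width, precision and
# pad character, optional modifiers, then the control character.
ERLANG_DIRECTIVE = re.compile(
    r"~(?:-?\d+|\*)?(?:\.(?:\d+|\*)?)?(?:\.(?:\*|.))?[tlkK]*[cfegswpWPBX#bx+ni~]"
)

# Constructed sample requests (placeholder host and path, not from the advisory).
BENIGN = (
    "PUT /api/example HTTP/1.1\r\n"
    "Host: broker.example\r\n"
    "X-Reason: scheduled maintenance, done ~ 50%\r\n\r\n"
)
SUSPICIOUS = (
    "PUT /api/example HTTP/1.1\r\n"
    "Host: broker.example\r\n"
    "x-reason: restart ~p requested by ~s\r\n\r\n"
)


def x_reason_values(raw_request):
    """Return every X-Reason header value; header names are case-insensitive."""
    head = raw_request.split("\r\n\r\n", 1)[0]
    values = []
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "x-reason":
            values.append(value.strip())
    return values


def inspect_request(raw_request):
    """Return one finding per X-Reason value that carries format directives."""
    findings = []
    for value in x_reason_values(raw_request):
        directives = [m.group(0) for m in ERLANG_DIRECTIVE.finditer(value)]
        if directives:
            findings.append({"value": value, "directives": directives})
    return findings


if __name__ == "__main__":
    for label, request in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(label, inspect_request(request))
```

A lone `~` that is not followed by a control character, as in the benign sample, is not reported.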
Affected Products
Pivotal RabbitMQ 3.7 prior to v3.7.21
Pivotal RabbitMQ 3.8 prior to v3.8.1
Pivotal RabbitMQ for Pivotal Platform 1.16 versions prior to 1.16.7
Pivotal RabbitMQ for Pivotal Platform 1.17 versions prior to 1.17.4
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://pivotal.io/security/cve-2019-11287
Coverage
IPS (Regular DB)
IPS (Extended DB)