CVE-2023-35789

CVSS Score of 10 (low)

Details

Published Jun 16, 2023
Updated: Jun 26, 2023
CWE ID 522

Summary

CVE-2023-35789 is a vulnerability discovered in the C AMQP client library (rabbitmq-c) through version 0.13.0 for RabbitMQ. This vulnerability allows local attackers to access credentials by listing a process and its arguments, as credentials can only be entered on the command line. This vulnerability affects multiple products, including rv99SR, rv99SQ, rv99SN, rv99SM, rv99SP, rv99SO, rv99SJ, rv99SI, rv99SL, rv99SK, rv99SF, rv99SE, rv99SH, cV-Wjl, rv99SG, rv99SD, and rv99SC. The risk score for this vulnerability is 28 out of 100. It has a medium severity rating with a base score of 5.5 and high confidentiality impact but requires low privileges to exploit. To remediate this vulnerability, users should update their rabbitmq-c library to a version that addresses the issue.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-35789 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options