CVE-2015-0223

Advisory lineage Upstream: 0 Downstream: 7

Downstream

RHBA-2016:1500 RHSA-2015:0660 RHSA-2015:0661 RHSA-2015:0662 RHSA-2015:0707 RHSA-2015:0708

Modified

Published: 02 Feb 2015, 16:00

Last modified:06 Aug 2024, 04:03

Vulnerability Summary

Overall Risk (default)

low

20/100

CVSS Score

5 MEDIUM

v2.0 (nvd)

EPSS Score

2.27% LOW

2% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

02 Feb 2015, 16:00

Published

Vulnerability first disclosed

06 Aug 2024, 04:03

Last Modified

Vulnerability information updated

Description

Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access restrictions on qpidd via unknown vectors, related to 0-10 connection handling.

CVSS Metrics

v2.0•MEDIUM•Score: 5AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS Trends

Current EPSS score: 2.27%• Percentile: 85%

Techniques & Countermeasures

CWE-264•Permissions, Privileges, and Access Controls
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Affected Systems

apache•qpid
≤ 0.30