CVE-2012-2145
Published Sep 28, 2012
Last updated 7 years ago
Overview
- Description
- Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-399
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:qpid:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E23F92F2-F77B-468E-B63B-DD333A63375C",
"versionEndIncluding": "0.17"
},
{
"criteria": "cpe:2.3:a:apache:qpid:0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "760A5796-9BB5-45A3-AB0E-D3639D487A76"
},
{
"criteria": "cpe:2.3:a:apache:qpid:0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D441FDC2-CA4E-43C5-A3DD-3715641E59A4"
},
{
"criteria": "cpe:2.3:a:apache:qpid:0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79CB1E30-BDD9-451E-A366-EE19C2E00AF0"
},
{
"criteria": "cpe:2.3:a:apache:qpid:0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8690F211-CE64-4799-87C5-F2AEDB0500EA"
},
{
"criteria": "cpe:2.3:a:apache:qpid:0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "469FC441-523B-4C78-9B2D-46B8CCE8811E"
},
{
"criteria": "cpe:2.3:a:apache:qpid:0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C584B299-0BB9-4B4F-B0BC-11DE222F1F17"
},
{
"criteria": "cpe:2.3:a:apache:qpid:0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21261207-0DF5-460A-9F9B-F8CADB78DAF7"
},
{
"criteria": "cpe:2.3:a:apache:qpid:0.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "578FB3FD-EA55-4A39-94D4-F4194C0F2BB3"
}
],
"operator": "OR"
}
]
}
]