Authentication Bypass Vulnerability in Apache Qpid Java

Authentication Bypass Vulnerability in Apache Qpid Java

CVE-2016-4432 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging.

Learn more about our Cis Benchmark Audit For Apache Http Server.