CVE-2014-9650 in VMware and Broadcom Products
Published on January 27, 2015
CRLF injection vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the download parameter to api/definitions.
Products Associated with CVE-2014-9650
stack.watch emails you whenever new vulnerabilities are published in VMware Rabbitmq or Broadcom Rabbitmq Server. Just hit a watch button to start following.
Exploit Probability
EPSS
0.32%
Percentile
54.81%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.