CVE-2016-9877 vulnerability in VMware and Other Products
Published on December 29, 2016

An issue was discovered in Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x before 3.6.6 and RabbitMQ for PCF 1.5.x before 1.5.20, 1.6.x before 1.6.12, and 1.7.x before 1.7.7. MQTT (MQ Telemetry Transport) connection authentication with a username/password pair succeeds if an existing username is provided but the password is omitted from the connection request. Connections that use TLS with a client-provided certificate are not affected.

Vendor Advisory NVD

Products Associated with CVE-2016-9877

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2016-9877 are published in these products:

VMware Rabbitmq

Pivotal Software Rabbitmq

Broadcom Rabbitmq Server

Exploit Probability

EPSS

0.33%

Percentile

55.44%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2016-9877 vulnerability in VMware and Other ProductsPublished on December 29, 2016

Products Associated with CVE-2016-9877

Exploit Probability

CVE-2016-9877 vulnerability in VMware and Other Products
Published on December 29, 2016