Spring AMQP 4.0.3 correlation ID predictability in sendAndReceive()
CVE-2026-41701 Published on June 9, 2026
In Spring AMQP sequential correlation IDs enable reply poisoning on fixed reply queues
Correlation IDs for replies in the RabbitTemplate.sendAndReceive() with the fixed reply queue are predictable due to internal simple counter.
Affected versions:
Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17.
Vulnerability Analysis
CVE-2026-41701 can be exploited with network access, and requires user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.
Weakness Type
Use of Insufficiently Random Values
The software uses insufficiently random numbers or values in a security context that depends on unpredictable numbers. When software generates predictable values in a context requiring unpredictability, it may be possible for an attacker to guess the next value that will be generated, and use this guess to impersonate another user or access sensitive information.
Products Associated with CVE-2026-41701
Want to know whenever a new CVE is published for VMware Spring Framework? stack.watch will email you.
Affected Versions
Spring AMQP:- Version 4.0.0 and below 4.0.4 is affected.
- Version 3.2.0 and below 3.2.11 is affected.
- Version 3.1.0 and below 3.1.16 is affected.
- Version 2.4.0 and below 2.4.18 is affected.