CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7652

In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk. If there are lots of clients connected so that there are no more file descriptors/sockets available (default limit typically 1024 file descriptors on Linux), then opening the configuration file will fail.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 75.0%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 6.0

References

Products affected by CVE-2017-7652

Eclipse » Mosquitto » Version: 1.0

cpe:2.3:a:eclipse:mosquitto:1.0
Eclipse » Mosquitto » Version: 1.0.1

cpe:2.3:a:eclipse:mosquitto:1.0.1
Eclipse » Mosquitto » Version: 1.0.2

cpe:2.3:a:eclipse:mosquitto:1.0.2
Eclipse » Mosquitto » Version: 1.0.3

cpe:2.3:a:eclipse:mosquitto:1.0.3
Eclipse » Mosquitto » Version: 1.0.4

cpe:2.3:a:eclipse:mosquitto:1.0.4
Eclipse » Mosquitto » Version: 1.0.5

cpe:2.3:a:eclipse:mosquitto:1.0.5
Eclipse » Mosquitto » Version: 1.1

cpe:2.3:a:eclipse:mosquitto:1.1
Eclipse » Mosquitto » Version: 1.1.1

cpe:2.3:a:eclipse:mosquitto:1.1.1
Eclipse » Mosquitto » Version: 1.1.2

cpe:2.3:a:eclipse:mosquitto:1.1.2
Eclipse » Mosquitto » Version: 1.1.3

cpe:2.3:a:eclipse:mosquitto:1.1.3
Eclipse » Mosquitto » Version: 1.1.90

cpe:2.3:a:eclipse:mosquitto:1.1.90
Eclipse » Mosquitto » Version: 1.2

cpe:2.3:a:eclipse:mosquitto:1.2
Eclipse » Mosquitto » Version: 1.2.1

cpe:2.3:a:eclipse:mosquitto:1.2.1
Eclipse » Mosquitto » Version: 1.2.2

cpe:2.3:a:eclipse:mosquitto:1.2.2
Eclipse » Mosquitto » Version: 1.2.3

cpe:2.3:a:eclipse:mosquitto:1.2.3
Eclipse » Mosquitto » Version: 1.3

cpe:2.3:a:eclipse:mosquitto:1.3
Eclipse » Mosquitto » Version: 1.3.1

cpe:2.3:a:eclipse:mosquitto:1.3.1
Eclipse » Mosquitto » Version: 1.3.2

cpe:2.3:a:eclipse:mosquitto:1.3.2
Eclipse » Mosquitto » Version: 1.3.3

cpe:2.3:a:eclipse:mosquitto:1.3.3
Eclipse » Mosquitto » Version: 1.3.4

cpe:2.3:a:eclipse:mosquitto:1.3.4
Eclipse » Mosquitto » Version: 1.3.5

cpe:2.3:a:eclipse:mosquitto:1.3.5
Eclipse » Mosquitto » Version: 1.4

cpe:2.3:a:eclipse:mosquitto:1.4
Eclipse » Mosquitto » Version: 1.4.1

cpe:2.3:a:eclipse:mosquitto:1.4.1
Eclipse » Mosquitto » Version: 1.4.10

cpe:2.3:a:eclipse:mosquitto:1.4.10
Eclipse » Mosquitto » Version: 1.4.11

cpe:2.3:a:eclipse:mosquitto:1.4.11
Eclipse » Mosquitto » Version: 1.4.12

cpe:2.3:a:eclipse:mosquitto:1.4.12
Eclipse » Mosquitto » Version: 1.4.13

cpe:2.3:a:eclipse:mosquitto:1.4.13
Eclipse » Mosquitto » Version: 1.4.14

cpe:2.3:a:eclipse:mosquitto:1.4.14
Eclipse » Mosquitto » Version: 1.4.2

cpe:2.3:a:eclipse:mosquitto:1.4.2
Eclipse » Mosquitto » Version: 1.4.3

cpe:2.3:a:eclipse:mosquitto:1.4.3
Eclipse » Mosquitto » Version: 1.4.4

cpe:2.3:a:eclipse:mosquitto:1.4.4
Eclipse » Mosquitto » Version: 1.4.5

cpe:2.3:a:eclipse:mosquitto:1.4.5
Eclipse » Mosquitto » Version: 1.4.6

cpe:2.3:a:eclipse:mosquitto:1.4.6
Eclipse » Mosquitto » Version: 1.4.7

cpe:2.3:a:eclipse:mosquitto:1.4.7
Eclipse » Mosquitto » Version: 1.4.8

cpe:2.3:a:eclipse:mosquitto:1.4.8
Eclipse » Mosquitto » Version: 1.4.9

cpe:2.3:a:eclipse:mosquitto:1.4.9
Debian » Debian Linux » Version: 7.0

cpe:2.3:o:debian:debian_linux:7.0
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0
Debian » Debian Linux » Version: 9.0

cpe:2.3:o:debian:debian_linux:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7652

Products

Pricing

Contact Us