Vulnerability Details CVE-2023-35789
An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.7%
CVSS Severity
CVSS v3 Score 5.5
References
Products affected by CVE-2023-35789
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:-
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.1
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.10.0
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.11.0
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.12.0
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.13.0
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.2
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.3.0
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.4.0
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.4.1
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.5.0
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.5.1
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.5.2
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.6.0
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.7.0
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.7.1
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.8.0
-
cpe:2.3:a:rabbitmq-c_project:rabbitmq-c:0.9.0