Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication.
CVSS Score
5.0
EPSS Score
0.027
Published
2012-08-27
Page 2