Strix
26.1K

CVE-2018-8030

UnknownEPSS 3.98%

Last modified

CVE-2018-8030 is a vulnerability of currently unknown severity. A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. EPSS estimates a 3.98% chance of exploitation in the next 30 days.

Description

A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 are not affected.

Metrics

EPSS Probability
3.98%

89.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
ApacheQpid Broker-J>= 7.0.0, <= 7.0.4

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2018-8030?
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 are not affected.
How severe is CVE-2018-8030?
Severity scoring for CVE-2018-8030 is pending analysis. The EPSS model estimates a 3.98% probability of exploitation in the next 30 days.
How do I fix CVE-2018-8030?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-8030?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST