Apache Qpid Broker-J AMQP Commands Denial of Service Vulnerability



A vulnerability in the Broker-J component of Apache Qpid could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted device.

The vulnerability is due to the improper processing of crafted Advanced Message Queuing Protocol (AMQP) commands by an affected system. An attacker could exploit this vulnerability by sending crafted AMQP commands to the targeted system using AMQP protocol versions previous to 1.0. A successful exploit could cause a DoS condition on the targeted system.

Apache has confirmed the vulnerability and released software updates.

Security Impact Rating: High

CVE: CVE-2019-0200

Source:: Cisco Multivendor Vulnerability Alerts