CVE-2018-1279: RabbitMQ cluster compromise due to deterministically generated cookie
Severity
High
Vendor
Pivotal
Description
Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports on any server in the MQ cluster can use this cookie to gain full control over the entire cluster.
Affected VMware Products and Versions
Severity is high unless otherwise noted.
- All versions of RabbitMQ for PCF are affected if:
- The cluster is multi-tenant
- The erlang cookie was not manually configured
- Connections from untrusted sources on ports 4369 and 25672 are allowed
Mitigation
Users of affected versions should apply the following mitigation:
- Block access to ports 4369 and 25672 for the cluster from untrusted sources
- Generate and set a new cookie (https://www.rabbitmq.com/clustering.html#erlang-cookie)
History
2018-12-05: Initial vulnerability report published