ГлавнаяУязвимости → CVE-2024-42655
8.8высокая

CVE-2024-42655

Описание

An access control issue in NanoMQ v0.21.10 allows attackers to bypass security restrictions and access sensitive system topic messages using MQTT wildcard characters.

Затрагиваемое ПО
Emqx Nanomq
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://github.com/nanomq/nanomqhttps://github.com/nanomq/nanomq/issues/1782#issuecomment-2171025812https://github.com/songxpu/bug_report/blob/master/MQTT/NanoMQ/CVE-2024-42655.md