CVE-2014-9494

EPSS 0.39%

Published: 1/20/2015Modified: 4/28/2026

Also known as:DEBIAN-CVE-2014-9494

Description

RabbitMQ before 3.4.0 allows remote attackers to bypass the loopback_users restriction via a crafted X-Forwareded-For header.

Affected packages (1)

Debian/rabbitmq-serverfrom 0, < 3.4.1-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-9494