What is CVE-2023-46118?

CVE-2023-46118 is a medium-severity vulnerability in Rabbitmq Rabbitmq-server, classified under Uncontrolled Resource Consumption. CVSS score: 4.9/10. Published 2023-10-24.

How severe is CVE-2023-46118?

Medium severity. CVSS v3 base score is 4.9 out of 10.

Resource exhaustion in Rabbitmq Rabbitmq-server

CVE-2023-46118

RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP request body limit, making it vulnerable for denial of service (DoS) attacks with very large messages. An authenticated user with sufficient cred…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.003 (54.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.9 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H.

Affected products

Rabbitmq Rabbitmq-server — versions < 3.12.7, < 3.11.24

Weakness classification (CWE)

CWE-400 — Uncontrolled Resource Consumption

References

Frequently asked questions

What is CVE-2023-46118?: CVE-2023-46118 is a medium-severity vulnerability in Rabbitmq Rabbitmq-server, classified under Uncontrolled Resource Consumption. CVSS score: 4.9/10. Published 2023-10-24.
How severe is CVE-2023-46118?: Medium severity. CVSS v3 base score is 4.9 out of 10.