• Support
  • Forums
  • Blogs

AMQP clear text authentication vulnerability

tcaetanotcaetano

New Life Form
+2
we used nessus scanner and it identified AMQP clear text authentication as a Medium vulnerability, therefore we must fix the issue to be pci-dss compliant.

The service is rabbit mq and from i have found in other questions, it is critical service for the ossim server.

It is possible to use TLS [1] and disable unencrypted access in the configuration file but i would like to know if this will prevent ossim from working.

I found this "
ENG-104898, Vulnerable Debian Package - rabbitmq-server (CVE-2016-9877) - AlienVault 5.3.5 is not vulnerable."

So what should i do?? disable unencrypted access or use this security advisory?

Share post:

Best Answer

  • Answer ✓
    tcaetano,

    You should refer to the security advisory. This vulnerability does not affect ALienVault products as OSSIM and USM Appliance do not use password authentication, but force negotiation using a pre-shared certificate. In such, there is no exposure to the vulnerability.


    No changes are required to maintain PCI compliance, unless you have modified the Rabbit MQ Server configuration, as the result is a conditional false positive.
    tcaetano
Sign In or Register to comment.