STOMP server processes client frames without requiring an initial CONNECT frame

Moderate
vietj published GHSA-gvrq-cg5r-7chp May 12, 2023

Package

io.vertx:vertx-stomp (Maven)

Affected versions

from 3.1.0 to 3.9.15 and 4.0.0 to 4.4.1

Patched versions

3.9.16, 4.4.2

Description

Impact

A Vert.x STOMP server processes client STOMP frames without checking that the client first sent a CONNECT frame and that the server answered it with a CONNECTED frame. A client can therefore subscribe to a destination or publish a message without prior authentication. Any Vert.x STOMP server configured with an authentication handler is impacted.
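The missing check described above, modelled as an added example that is not the vertx-stomp code: a minimal STOMP frame parser and a per-connection session object which, when `enforce_handshake` is on, refuses any SUBSCRIBE or SEND until a CONNECT has been authenticated and answered with CONNECTED. Everything here is constructed for illustration (the `Frame` and `StompSession` names, the `demo_authenticate` credential check, the sample frames); it does not reproduce the Vert.x API, only the class of bug and its fix.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple


@dataclass
class Frame:
    command: str
    headers: Dict[str, str]
    body: bytes


def parse_frame(raw: bytes) -> Frame:
    """Parse one STOMP frame: COMMAND, header lines, blank line, body, NUL.
    Only LF line endings are handled in this illustration."""
    if not raw.endswith(b"\0"):
        raise ValueError("malformed frame: missing NUL terminator")
    head, sep, body = raw[:-1].partition(b"\n\n")
    if not sep:
        raise ValueError("malformed frame: missing blank line after headers")
    lines = head.split(b"\n")
    command = lines[0].decode("ascii")
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        key, _, value = line.decode("utf-8").partition(":")
        headers.setdefault(key, value)  # STOMP: first occurrence of a header wins
    return Frame(command, headers, body)


class StompSession:
    """One client connection on a hypothetical STOMP server.
    enforce_handshake=False models the vulnerable behaviour from the advisory;
    enforce_handshake=True models the fix: reject everything but CONNECT/STOMP
    until authentication has succeeded."""

    def __init__(self, authenticate: Callable[[str, str], bool],
                 enforce_handshake: bool = True) -> None:
        self.authenticate = authenticate
        self.enforce_handshake = enforce_handshake
        self.connected = False
        self.closed = False
        self.subscriptions: Dict[str, str] = {}        # subscription id -> destination
        self.published: List[Tuple[str, bytes]] = []   # (destination, body)
        self.replies: List[str] = []                   # server frames sent back
        self.audit: List[str] = []                     # events a defender would log

    def handle(self, raw: bytes) -> str:
        """Process one client frame; returns the server's outcome for it."""
        if self.closed:
            return "CLOSED"
        frame = parse_frame(raw)
        cmd = frame.command
        if cmd in ("CONNECT", "STOMP"):
            return self._connect(frame)
        if self.enforce_handshake and not self.connected:
            # The fix: a non-CONNECT frame before the handshake is a protocol
            # violation, not a request to act on. Log it and close.
            self.audit.append(f"rejected {cmd} from unauthenticated client")
            return self._error("not connected: send CONNECT first")
        if cmd == "SUBSCRIBE":
            sub_id, dest = frame.headers.get("id"), frame.headers.get("destination")
            if sub_id is None or dest is None:
                return self._error("SUBSCRIBE requires id and destination")
            self.subscriptions[sub_id] = dest
            return "ACCEPTED"
        if cmd == "SEND":
            dest = frame.headers.get("destination")
            if dest is None:
                return self._error("SEND requires destination")
            self.published.append((dest, frame.body))
            return "ACCEPTED"
        if cmd == "DISCONNECT":
            self.closed = True
            return "CLOSED"
        return self._error(f"unsupported command {cmd}")

    def _connect(self, frame: Frame) -> str:
        if self.connected:
            return self._error("already connected")
        login = frame.headers.get("login", "")
        passcode = frame.headers.get("passcode", "")
        if not self.authenticate(login, passcode):
            self.audit.append(f"authentication failed for login={login!r}")
            return self._error("authentication failed")
        self.connected = True
        self.replies.append("CONNECTED")
        return "CONNECTED"

    def _error(self, message: str) -> str:
        # STOMP servers send ERROR and then close the connection.
        self.replies.append("ERROR")
        self.closed = True
        return "ERROR"


def demo_authenticate(login: str, passcode: str) -> bool:
    return (login, passcode) == ("alice", "s3cret")  # constructed credentials


# Constructed frames: a SUBSCRIBE sent before any CONNECT, and a valid CONNECT.
SUBSCRIBE_FIRST = b"SUBSCRIBE\nid:sub-0\ndestination:/queue/orders\n\n\0"
CONNECT_OK = b"CONNECT\naccept-version:1.2\nlogin:alice\npasscode:s3cret\n\n\0"


def run(enforce_handshake: bool) -> Tuple[str, Dict[str, str], List[str]]:
    """Feed the pre-CONNECT SUBSCRIBE to a fresh session and report what happened."""
    session = StompSession(demo_authenticate, enforce_handshake)
    outcome = session.handle(SUBSCRIBE_FIRST)
    return outcome, dict(session.subscriptions), list(session.audit)


if __name__ == "__main__":
    print("vulnerable:", run(False))
    print("hardened: ", run(True))
```

With `enforce_handshake=False` the unauthenticated SUBSCRIBE is accepted and a subscription to `/queue/orders` is created; with it enabled the same frame yields ERROR, the connection is closed, and an audit entry is recorded. The audit list is the point for operators: a burst of "rejected ... from unauthenticated client" entries is the signal to alert on once the patched versions are deployed.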

Patches

The issue is patched in Vert.x 4.4.2 and Vert.x 3.9.16.

Workarounds

No trivial workaround.

Severity

Moderate (6.5 / 10)

CVSS base metrics

Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: Low

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

CVE ID

CVE-2023-32081

Weaknesses

No CWEs

Credits