CVE-2025-50200

Name
CVE-2025-50200
Description
RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ logs Authorization headers in plaintext, base64-encoded. When the RabbitMQ HTTP API is queried over HTTP or HTTPS with basic authentication, it writes log entries containing all request headers, including the Authorization header, which carries the base64-encoded username:password. This is trivial to decode and could then be used to gain control of the system, depending on the credentials. This issue has been patched in version 4.0.8.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
CONFIRM https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-gh3x-4x42-fvq8

Match rules

CPE URI                                             Source package   Min version  Max version
-                                                   rabbitmq-server  >= 0         <= 3.13.7
cpe:2.3:a:broadcom:rabbitmq_server:*:*:*:*:*:*:*:*  rabbitmq_server  >= None      < 4.0.8

Vulnerable and fixed packages

Source package   Branch          Version    Maintainer                         Status
rabbitmq-server  edge-community  3.13.7-r0  Celeste <cielesti@protonmail.com>  possibly vulnerable
rabbitmq-server  edge-community  3.9.1-r0   None                               possibly vulnerable
rabbitmq-server  edge-community  3.7.17-r0  None                               possibly vulnerable
rabbitmq-server  3.22-community  3.13.7-r0  Celeste <cielesti@protonmail.com>  possibly vulnerable
rabbitmq-server  3.22-community  3.9.1-r0   None                               possibly vulnerable
rabbitmq-server  3.22-community  3.7.17-r0  None                               possibly vulnerable