Vulnerabilities > Broadcom > Rabbitmq Server > 3.8.3

DATE CVE VULNERABILITY TITLE RISK
2021-05-18 CVE-2021-22117 Incorrect Permission Assignment for Critical Resource vulnerability in Broadcom Rabbitmq Server
RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins.
local
low complexity
broadcom CWE-732
7.8
7.8
2020-08-31 CVE-2020-5419 Uncontrolled Search Path Element vulnerability in multiple products
RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution.
local
low complexity
pivotal-software broadcom CWE-427
6.7
6.7