Vulnerabilities > Eclipse > Hono
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-14 | CVE-2020-27220 | Missing Authorization vulnerability in Eclipse Hono The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a specific device. | 8.8 |
2020-11-13 | CVE-2020-27217 | Unspecified vulnerability in Eclipse Hono 1.3.0/1.4.0 In Eclipse Hono version 1.3.0 and 1.4.0 the AMQP protocol adapter does not verify the size of AMQP messages received from devices. | 7.5 |