suse · CVE-2017-4965

Quick triage

Priority: low Published: 2021-05-30 13:51:24 UTC Updated: 2025-11-05 04:09:12 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-4965 severity low: SUSE including 57 source package names (ansible-2.2.3.0-12.2, crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5, …), 68 product×package rows across 8 product lines (HPE Helion OpenStack 8, HPE Helion OpenStack Cloud 8, … (8 product lines)): Fixed 54, Known Not Affected 14.

Description:

An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the RabbitMQ management UI are vulnerable to XSS attacks.

cvelogic Threat Intelligence