CVE-2020-5419 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2020-5419 Interim 1 33 2025-04-03T23:25:57Z current 2021-05-30T14:36:10Z 2025-04-03T23:25:57Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2020-5419 RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binary hijacking (planting) attack and execute arbitrary code. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings HPE Helion OpenStack 8 HPE Helion OpenStack Cloud 8 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 erlang-rabbitmq-client rabbitmq-server rabbitmq-server-plugins rabbitmq-server as a component of HPE Helion OpenStack 8 rabbitmq-server-plugins as a component of HPE Helion OpenStack 8 rabbitmq-server as a component of HPE Helion OpenStack Cloud 8 erlang-rabbitmq-client as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 rabbitmq-server as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 rabbitmq-server-plugins as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 erlang-rabbitmq-client as a component of SUSE Linux Enterprise Module for Server Applications 15 SP3 rabbitmq-server as a component of SUSE Linux Enterprise Module for Server Applications 15 SP3 rabbitmq-server-plugins as a component of SUSE Linux Enterprise Module for Server Applications 15 SP3 rabbitmq-server as a component of SUSE OpenStack Cloud 6-LTSS rabbitmq-server-plugins as a component of SUSE OpenStack Cloud 6-LTSS rabbitmq-server as a component of SUSE OpenStack Cloud 7 rabbitmq-server-plugins as a component of SUSE OpenStack Cloud 7 rabbitmq-server as a component of SUSE OpenStack Cloud 8 rabbitmq-server-plugins as a component of SUSE OpenStack Cloud 8 rabbitmq-server as a component of SUSE OpenStack Cloud 9 rabbitmq-server-plugins as a component of SUSE OpenStack Cloud 9 rabbitmq-server as a component of SUSE OpenStack Cloud Crowbar 8 rabbitmq-server-plugins as a component of SUSE OpenStack Cloud Crowbar 8 rabbitmq-server as a component of SUSE OpenStack Cloud Crowbar 9 rabbitmq-server-plugins as a component of SUSE OpenStack Cloud Crowbar 9 RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binary hijacking (planting) attack and execute arbitrary code. CVE-2020-5419 HPE Helion OpenStack 8:rabbitmq-server HPE Helion OpenStack 8:rabbitmq-server-plugins HPE Helion OpenStack Cloud 8:rabbitmq-server SUSE Linux Enterprise Module for Server Applications 15 SP2:erlang-rabbitmq-client SUSE Linux Enterprise Module for Server Applications 15 SP2:rabbitmq-server SUSE Linux Enterprise Module for Server Applications 15 SP2:rabbitmq-server-plugins SUSE Linux Enterprise Module for Server Applications 15 SP3:erlang-rabbitmq-client SUSE Linux Enterprise Module for Server Applications 15 SP3:rabbitmq-server SUSE Linux Enterprise Module for Server Applications 15 SP3:rabbitmq-server-plugins SUSE OpenStack Cloud 6-LTSS:rabbitmq-server SUSE OpenStack Cloud 6-LTSS:rabbitmq-server-plugins SUSE OpenStack Cloud 7:rabbitmq-server SUSE OpenStack Cloud 7:rabbitmq-server-plugins SUSE OpenStack Cloud 8:rabbitmq-server SUSE OpenStack Cloud 8:rabbitmq-server-plugins SUSE OpenStack Cloud 9:rabbitmq-server SUSE OpenStack Cloud 9:rabbitmq-server-plugins SUSE OpenStack Cloud Crowbar 8:rabbitmq-server SUSE OpenStack Cloud Crowbar 8:rabbitmq-server-plugins SUSE OpenStack Cloud Crowbar 9:rabbitmq-server SUSE OpenStack Cloud Crowbar 9:rabbitmq-server-plugins moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H