CVE-2019-11287

HIGH

RabbitMQ 3.7.0-3.7.20 and 3.8.0 - Denial of Service via X-Reason HTTP Header Format String

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-11287: a PoC repository published by mbadanoiu.

AI-analyzed exploit summary: The repository claims to provide a PoC for CVE-2019-11287, a DoS vulnerability in RabbitMQ's web management plugin, but only includes a README with vague details and a link to an external PDF. No actual exploit code is present.

Description

Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, ship a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP header, which the management HTTP API accepts on DELETE /api/connections/<name> to record why a connection was closed, is treated as an Erlang format string rather than as plain data; a malicious header value is expanded by the formatter, consumes the heap and crashes the server. The management HTTP API only serves that request to an authenticated user, so an attacker needs valid credentials for the management interface. Upgrading to 3.7.21 / 3.8.1 (or the patched Pivotal Platform tile) removes the issue.
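As an added worked example (not code from this page or from the RabbitMQ project): a Python check that decides from a broker's reported version whether it falls inside the affected ranges above, plus a coarse screen for Erlang format directives in an X-Reason header value that a reverse proxy could apply until the broker is upgraded. It assumes the version is read from the management API's GET /api/overview response (field rabbitmq_version); the sample JSON reply and the header values are constructed here, not captured from a real system.

```python
"""Affected-version and X-Reason screening checks for CVE-2019-11287.

Added example, not code from the vulnerability page or the RabbitMQ project.
Version ranges come from the advisory text (fixed in 3.7.21 and 3.8.1).
"""
import json
import re
from typing import List, Tuple

# Fix releases per the advisory; anything earlier on the same minor line is affected.
# Pivotal Platform tile versions (1.16.x < 1.16.7, 1.17.x < 1.17.4) use their own
# numbering and are checked with a separate table.
SERVER_FIXED_IN = {(3, 7): (3, 7, 21), (3, 8): (3, 8, 1)}
TILE_FIXED_IN = {(1, 16): (1, 16, 7), (1, 17): (1, 17, 4)}


def parse_version(ver: str) -> Tuple[int, ...]:
    """Reduce '3.7.20', 'v3.8.0-rc.1' or '3.7.21-1.el7' to a comparable int tuple.

    Only the leading dotted-numeric part is kept; pre-release and packaging
    suffixes are dropped, so a release candidate compares as its final release.
    """
    m = re.match(r"^\s*v?(\d+(?:\.\d+)*)", ver)
    if not m:
        raise ValueError(f"unparseable version string: {ver!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def _below_fix(ver: str, table: dict) -> bool:
    v = parse_version(ver)
    fixed = table.get(v[:2])
    return fixed is not None and v < fixed


def server_is_vulnerable(ver: str) -> bool:
    """True for RabbitMQ server 3.7.0-3.7.20 and 3.8.0; False for fixed or other lines."""
    return _below_fix(ver, SERVER_FIXED_IN)


def tile_is_vulnerable(ver: str) -> bool:
    """True for RabbitMQ for Pivotal Platform 1.16.x < 1.16.7 and 1.17.x < 1.17.4."""
    return _below_fix(ver, TILE_FIXED_IN)


def version_from_overview(body: str) -> str:
    """Pull rabbitmq_version out of a GET /api/overview response body.

    /api/overview is the (authenticated) management HTTP API endpoint that reports
    the broker version; it is served by the same plugin that carries the bug.
    """
    return json.loads(body)["rabbitmq_version"]


# Constructed sample, not a real capture: the relevant slice of an /api/overview reply.
SAMPLE_OVERVIEW = json.dumps({"rabbitmq_version": "3.7.20", "erlang_version": "22.1"})

# Erlang io:format control sequence:
#   ~ [width] [.precision] [.padchar] [t/l/k/K modifiers] control-character
# A large field width such as ~999999999s is the kind of directive that makes the
# formatter allocate far more than the header itself contains.
ERLANG_DIRECTIVE = re.compile(
    r"~(?:-?\d+|\*)?(?:\.(?:\d+|\*)?)?(?:\..)?[tlkK]*[cfegswpWPBX#bx+ni~]"
)


def find_format_directives(reason: str) -> List[str]:
    """Return every well-formed Erlang format directive found in an X-Reason value."""
    return ERLANG_DIRECTIVE.findall(reason)


def reason_is_safe(reason: str) -> bool:
    """Proxy-side pre-check for X-Reason on DELETE /api/connections/<name>.

    A value without '~' cannot start a format directive at all, so the rule is
    deliberately blunt: any tilde is rejected, not only well-formed directives.
    """
    return "~" not in reason


if __name__ == "__main__":
    ver = version_from_overview(SAMPLE_OVERVIEW)
    state = "VULNERABLE" if server_is_vulnerable(ver) else "not affected"
    print(f"server {ver}: {state}")
    for hdr in ("rotating credentials", "bye~n", "~999999999s"):
        print(f"X-Reason {hdr!r}: safe={reason_is_safe(hdr)} "
              f"directives={find_format_directives(hdr)}")
```

The header screen is a stopgap, not the fix: the defect class (CWE-134) is cured in the broker by passing untrusted text as an argument to a fixed format ("~s") instead of using it as the format itself, which is what upgrading to a fixed release gives you. The version check deliberately collapses pre-release suffixes, so a "3.7.21-rc" reports as fixed; treat that as a known blind spot rather than a guarantee.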

Exploits (1)

nomisec SUSPICIOUS
by mbadanoiu · poc
https://github.com/mbadanoiu/CVE-2019-11287

Classification
Classification: Suspicious (90%)
Attack type: DoS
Complexity: Theoretical
Reliability: Theoretical
Target: RabbitMQ (3.7.x < 3.7.21, 3.8.x < 3.8.1, Pivotal Platform 1.16.x < 1.16.7, 1.17.x < 1.17.4)
Auth required: yes
Prerequisites: Valid user credentials · Access to RabbitMQ web management interface
Analyzed by devstral-2 on Feb 19, 2026

References (6 tracked; 3 shown)

Vendor Advisory: https://pivotal.io/security/cve-2019-11287
Third Party Advisory (Red Hat, RHSA-2020:0078): https://access.redhat.com/errata/RHSA-2020:0078
Third Party Advisory (Debian LTS announce mailing list): https://lists.debian.org/debian-lts-announce/2021/07/msg00011.html

Scores

CVSS v3.1 base score: 7.5 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack vector: NETWORK
EPSS: 0.0460 (percentile 89.5%)

Note that the vector scores PR:N (no privileges), while the exploit entry above lists valid credentials and management-interface access as prerequisites; the management HTTP API request that carries X-Reason is authenticated, so in practice the attack needs a management login.

Details

CWE
CWE-134 (Use of Externally-Controlled Format String), CWE-400 (Uncontrolled Resource Consumption)
Status published
Products (8)
broadcom/rabbitmq_server 3.8.0 - 3.8.1
debian/debian_linux 9.0
fedoraproject/fedora 30
fedoraproject/fedora 31
Hex/RabbitMQ 3.7.0 - 3.7.21
pivotal_software/rabbitmq 1.16.0 - 1.16.7
pivotal_software/rabbitmq 3.7.0 - 3.7.21
redhat/openstack 15
The version ranges give the fixed release as the (exclusive) upper bound: 3.7.21, 3.8.1 and 1.16.7 are the first unaffected releases, per the description above.
Published Nov 23, 2019
Tracked Since Feb 18, 2026