{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-13T16:53:59.046","vulnerabilities":[{"cve":{"id":"CVE-2017-15701","sourceIdentifier":"security@apache.org","published":"2017-12-01T15:29:00.213","lastModified":"2026-05-13T00:24:29.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected."},{"lang":"es","value":"En Apache Qpid Broker-J versiones 6.1.0 hasta 6.1.4 (inclusive), el broker no impone apropiadamente un tamaño máximo de trama en tramas AMQP versión 1.0. Un atacante remoto no autenticado podría explotar esto para hacer que el broker agote toda la memoria disponible y finalmente termine. Los protocolos AMQP más antiguos no se ven afectados."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:qpid_broker-j:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0","versionEndIncluding":"6.1.4","matchCriteriaId":"84271735-DF9D-4AAF-B123-88403028D2A4"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/102041","source":"security@apache.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://issues.apache.org/jira/browse/QPID-7947","source":"security@apache.org","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://lists.apache.org/thread.html/4054e1c90993f337eeea24a312841c0661653e673c0ff8e2cd9520fe%40%3Cdev.qpid.apache.org%3E","source":"security@apache.org"},{"url":"https://qpid.apache.org/cves/CVE-2017-15701.html","source":"security@apache.org","tags":["Mitigation","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/102041","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://issues.apache.org/jira/browse/QPID-7947","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://lists.apache.org/thread.html/4054e1c90993f337eeea24a312841c0661653e673c0ff8e2cd9520fe%40%3Cdev.qpid.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://qpid.apache.org/cves/CVE-2017-15701.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Vendor Advisory"]}]}}]}