All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter
Baker's Take· 10 sources

Attackers Can Steal OAuth Secrets and Impersonate RabbitMQ Brokers in New Critical Flaw

By

Mr Bagel

· 5d ago

A critical vulnerability in RabbitMQ's management web interface allows unauthenticated attackers to steal the broker's OAuth client secret and potentially gain full administrative control, according to radar.offseq.com. The flaw, tracked as CVE-2026-5721, targets configurations where the OAuth secret is set and the management port is exposed to untrusted networks.

Attackers Can Steal OAuth Secrets and Impersonate RabbitMQ Brokers in New Critical Flaw

"unauthenticated attackers to obtain the broker's confidential OAuth client secret"

By using the stolen secret, an attacker can impersonate the broker to the identity provider and obtain administrator tokens, enabling control over users, messages, queues, and broker settings. The vulnerability was introduced in RabbitMQ version 3.13.0 and affects versions up to the fixes released in 3.13.15, 4.0.20, 4.1.11, and 4.2.6.

A second flaw, CVE-2026-57221, was also disclosed and lets authenticated users enumerate queues and exchanges, increasing reconnaissance risks in shared or internet-exposed deployments, according to hendryadrian.com. Together, the two vulnerabilities pose a significant threat to enterprises relying on RabbitMQ's OAuth/OIDC integrations.

"The vulnerabilities affect OAuth/OIDC integrations with providers like Auth0, Azure AD, Entra ID, and Keycloak."

Organizations using those identity providers with an exposed management interface are at heightened risk of broker takeover and data exposure. The flaw does not affect instances without the management plugin or without a configured client secret.

RabbitMQ has released patched versions for all affected branches, and administrators are urged to update immediately or restrict access to the management web interface as a workaround. The disclosure underscores the critical importance of securing message broker infrastructure against credential theft.

The reporting

10 outlets covered this story. Each links to the original.

0

Comments

Sign in to join the conversation.

No comments yet. Be the first.