topic Security Breach RabbitMQ Nprinting in Qlik NPrinting https://community.qlik.com/t5/Qlik-NPrinting/Security-Breach-RabbitMQ-Nprinting/m-p/1817523#M32576 <P>Hi there,</P><P>the RabbitMQ Software Versions 3.8.X are vulnerable to DOS Attacks over the MQTT Protocol.</P><P><A href="https://www.synopsys.com/blogs/software-security/cyrc-advisory-rabbitmq-emqx-vernemq/" target="_blank">https://www.synopsys.com/blogs/software-security/cyrc-advisory-rabbitmq-emqx-vernemq/</A></P><P>Is there a Way to manually update RabbitMQ to Version 3.8.16 where they fix that problem? Or will be there a Nprinting Patch?</P><P>&nbsp;</P><P>Greetings</P><P>Philipp</P><P>&nbsp;</P> Fri, 15 Nov 2024 22:46:59 GMT Philipp_Walter 2024-11-15T22:46:59Z Security Breach RabbitMQ Nprinting https://community.qlik.com/t5/Qlik-NPrinting/Security-Breach-RabbitMQ-Nprinting/m-p/1817523#M32576 <P>Hi there,</P><P>the RabbitMQ Software Versions 3.8.X are vulnerable to DOS Attacks over the MQTT Protocol.</P><P><A href="https://www.synopsys.com/blogs/software-security/cyrc-advisory-rabbitmq-emqx-vernemq/" target="_blank">https://www.synopsys.com/blogs/software-security/cyrc-advisory-rabbitmq-emqx-vernemq/</A></P><P>Is there a Way to manually update RabbitMQ to Version 3.8.16 where they fix that problem? Or will be there a Nprinting Patch?</P><P>&nbsp;</P><P>Greetings</P><P>Philipp</P><P>&nbsp;</P> Fri, 15 Nov 2024 22:46:59 GMT https://community.qlik.com/t5/Qlik-NPrinting/Security-Breach-RabbitMQ-Nprinting/m-p/1817523#M32576 Philipp_Walter 2024-11-15T22:46:59Z Re: Security Breach RabbitMQ Nprinting https://community.qlik.com/t5/Qlik-NPrinting/Security-Breach-RabbitMQ-Nprinting/m-p/1817580#M32578 <P>Hi,</P><P>For this kind of request please open a support ticket that will be sent to the developers.</P><P>About the CVE-2021-22116 security breach of RabbitMQ please note that (from <A href="https://tanzu.vmware.com/security/cve-2021-22116" target="_blank" rel="noopener">https://tanzu.vmware.com/security/cve-2021-22116) :</A> "A malicious can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having the AMQP 1.0 plugin enabled.". Qlik NPrinting has not the AMQP 1.0 plugin enabled. You can check the list of enabled plugins by opening the file c:\ProgramData\NPrinting\RabbitMQ\enabled_plugins in the Qlik NPrinting Server with a text editor.</P><P>Best Regards,<BR />Ruggero</P> Thu, 24 Jun 2021 10:18:40 GMT https://community.qlik.com/t5/Qlik-NPrinting/Security-Breach-RabbitMQ-Nprinting/m-p/1817580#M32578 Ruggero_Piccoli 2021-06-24T10:18:40Z