Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Register by January 31 for $300 off your Qlik Connect pass: Register Now!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Philipp_Walter
Partner - Contributor
Partner - Contributor
‎2021-06-24 03:26 AM

Security Breach RabbitMQ Nprinting

Hi there,

the RabbitMQ Software Versions 3.8.X are vulnerable to DOS Attacks over the MQTT Protocol.

https://www.synopsys.com/blogs/software-security/cyrc-advisory-rabbitmq-emqx-vernemq/

Is there a Way to manually update RabbitMQ to Version 3.8.16 where they fix that problem? Or will be there a Nprinting Patch?

 

Greetings

Philipp

 

Labels (2)
Labels
810 Views
0 Likes
1 Solution

Accepted Solutions
Ruggero_Piccoli
Support
Support
‎2021-06-24 06:18 AM

Hi,

For this kind of request please open a support ticket that will be sent to the developers.

About the CVE-2021-22116 security breach of RabbitMQ please note that (from https://tanzu.vmware.com/security/cve-2021-22116) : "A malicious can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having the AMQP 1.0 plugin enabled.". Qlik NPrinting has not the AMQP 1.0 plugin enabled. You can check the list of enabled plugins by opening the file c:\ProgramData\NPrinting\RabbitMQ\enabled_plugins in the Qlik NPrinting Server with a text editor.

Best Regards,
Ruggero



Best Regards,
Ruggero
---------------------------------------------
When applicable please mark the appropriate replies as CORRECT. This will help community members and Qlik Employees know which discussions have already been addressed and have a possible known solution. Please mark threads with a LIKE if the provided solution is helpful to the problem, but does not necessarily solve the indicated problem. You can mark multiple threads with LIKEs if you feel additional info is useful to others.

View solution in original post

774 Views
0 Likes
1 Reply
Ruggero_Piccoli
Support
Support
‎2021-06-24 06:18 AM

Hi,

For this kind of request please open a support ticket that will be sent to the developers.

About the CVE-2021-22116 security breach of RabbitMQ please note that (from https://tanzu.vmware.com/security/cve-2021-22116) : "A malicious can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having the AMQP 1.0 plugin enabled.". Qlik NPrinting has not the AMQP 1.0 plugin enabled. You can check the list of enabled plugins by opening the file c:\ProgramData\NPrinting\RabbitMQ\enabled_plugins in the Qlik NPrinting Server with a text editor.

Best Regards,
Ruggero



Best Regards,
Ruggero
---------------------------------------------
When applicable please mark the appropriate replies as CORRECT. This will help community members and Qlik Employees know which discussions have already been addressed and have a possible known solution. Please mark threads with a LIKE if the provided solution is helpful to the problem, but does not necessarily solve the indicated problem. You can mark multiple threads with LIKEs if you feel additional info is useful to others.
775 Views
0 Likes