CVE-2016-2166 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-2166 Interim 1 6 2021-12-09T01:17:23Z current 2021-05-30T13:39:19Z 2021-12-09T01:17:23Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-2166 The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed libqpid-proton-cpp6-0.12.2-1.6 libqpid-proton6-0.12.2-1.6 perl-qpid-proton-0.12.2-1.6 python-qpid-proton-0.12.2-1.6 python-qpid-proton-doc-0.12.2-1.6 qpid-proton-0.12.2-1.6 qpid-proton-devel-0.12.2-1.6 qpid-proton-devel-doc-0.12.2-1.6 libqpid-proton-cpp6-0.12.2-1.6 as a component of openSUSE Tumbleweed libqpid-proton6-0.12.2-1.6 as a component of openSUSE Tumbleweed perl-qpid-proton-0.12.2-1.6 as a component of openSUSE Tumbleweed python-qpid-proton-0.12.2-1.6 as a component of openSUSE Tumbleweed python-qpid-proton-doc-0.12.2-1.6 as a component of openSUSE Tumbleweed qpid-proton-0.12.2-1.6 as a component of openSUSE Tumbleweed qpid-proton-devel-0.12.2-1.6 as a component of openSUSE Tumbleweed qpid-proton-devel-doc-0.12.2-1.6 as a component of openSUSE Tumbleweed The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors. CVE-2016-2166 openSUSE Tumbleweed:libqpid-proton-cpp6-0.12.2-1.6 openSUSE Tumbleweed:libqpid-proton6-0.12.2-1.6 openSUSE Tumbleweed:perl-qpid-proton-0.12.2-1.6 openSUSE Tumbleweed:python-qpid-proton-0.12.2-1.6 openSUSE Tumbleweed:python-qpid-proton-doc-0.12.2-1.6 openSUSE Tumbleweed:qpid-proton-0.12.2-1.6 openSUSE Tumbleweed:qpid-proton-devel-0.12.2-1.6 openSUSE Tumbleweed:qpid-proton-devel-doc-0.12.2-1.6 moderate 5.8 AV:N/AC:M/Au:N/C:P/I:P/A:N 6.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N