Copy link to issue

RabbitMQ's non-SSL management port (15672) listens on all interfaces

Description

After installation, RabbitMQ enables its management GUI available on port 15672, non-SSL protected and bound to all local interfaces (0.0.0.0).

Should only listen to localhost, and also be SSL-protected.
Or just disabled by default.

Steps to Reproduce

add steps to reproduce

Why Propose Close?

None

Activity

Show:

Guy Offer

February 12, 2018, 9:34 AM

Copy link to comment

Not for 4.3

Fixed

Assignee

Uri Wygodny

Reporter

Isaac Shabtay

Labels

SprinTali

Severity

High

Target Version

4.4

Premium Only

yes

Found In Version

4.3

QA Owner

None

Bug Type

legacy bug

Customer Encountered

None

Customer Name

None

Release Notes

None

Priority

None

Epic Link

General EPIC

Sprint

None

Priority

Unprioritized

Configure

Cloudify Board

RabbitMQ's non-SSL management port (15672) listens on all interfaces

Description

Steps to Reproduce

Why Propose Close?

Activity

Assignee

Reporter

Labels

Severity

Target Version

Premium Only

Found In Version

QA Owner

Bug Type

Customer Encountered

Customer Name

Release Notes

Priority

Epic Link

Sprint

Priority