PT-2021-3265 · Rabbitmq · Rabbitmq

Robert Chen · Published 2021-05-10 · Updated 2024-03-06 · CVE-2021-22117

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

RabbitMQ versions prior to 3.8.16

Description

The issue is related to insufficient access control in the plugin directory of RabbitMQ installers on Windows. This could potentially allow attackers with sufficient local filesystem permissions to add arbitrary plugins, leading to the execution of arbitrary code.

Recommendations

For versions prior to 3.8.16, update to version 3.8.16 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin directory to minimize the risk of exploitation.
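
One way to check whether the workaround is in place is to audit the plugin directory's ACL for write-capable grants to non-administrative principals. The PowerShell below is an added example, not part of the advisory or of RabbitMQ; the directory path is a parameter because the page does not give it, and the list of trusted SIDs is an assumption to adjust for your environment.

```powershell
param(
    # Placeholder: pass the plugins directory of your RabbitMQ installation.
    [Parameter(Mandatory)] [string] $PluginDir
)

# Assumption: only these principals are expected to hold write access.
$trustedSids = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544'   # BUILTIN\Administrators
)

# Rights that allow adding or replacing a plugin file, or rewriting the ACL itself.
$writeMask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# Inherit-only ACEs can carry raw generic bits instead of file-specific rights:
# GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000).
$mask = $writeMask -bor 0x50000000

$acl = Get-Acl -LiteralPath $PluginDir
# Ask for SIDs directly so the comparison does not depend on localized account names.
$rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

$findings = foreach ($ace in $rules) {
    if ($ace.AccessControlType -ne 'Allow') { continue }
    $sid = $ace.IdentityReference.Value
    if ($trustedSids -contains $sid) { continue }
    if (([int]$ace.FileSystemRights -band $mask) -eq 0) { continue }

    # Resolve a display name where possible; orphaned SIDs stay as SIDs.
    $name = try { $ace.IdentityReference.Translate([System.Security.Principal.NTAccount]).Value } catch { $sid }
    [pscustomobject]@{
        Principal = $name
        Sid       = $sid
        Rights    = $ace.FileSystemRights
        Inherited = $ace.IsInherited
    }
}

if ($findings) {
    Write-Warning "Write-capable grants to untrusted principals on $PluginDir"
    $findings | Format-Table -AutoSize
    exit 1
}
Write-Output "No write-capable grants to untrusted principals on $PluginDir"
```

Entries reported with Inherited set to True come from a parent directory, so tightening them means changing the parent's ACL or disabling inheritance on the plugin directory.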

Fix

Incorrect Permission

Code Injection

Weakness Enumeration

Related Identifiers

BDU:2021-03003
BIT-RABBITMQ-2021-22117
CVE-2021-22117

Affected Products

Rabbitmq