[KBA-79137] Critical vulnerability update for RabbitMQ - A critical vulnerability has been identified in some Genetec™ products that use the RabbitMQ message broker, a third-party component, to communicate with each other. - Genetec Mission Control™ | Sipelia | Industrial IoT | Airport Operational Manager (AOM) | Restricted Security Area (RSA) Surveillance | Inter-System Gateway

Product: Industrial IoT, Mission Control, Restricted Security Area Surveillance, Sipelia
Content type: KB articles
Language: English
Last updated: 2022-11-16

[KBA-79137] Critical vulnerability update for RabbitMQ

A critical vulnerability has been identified in some Genetec products that use the RabbitMQ message broker, a third-party component, to communicate with each other.

The vulnerability might put affected products at risk by allowing malicious actors to bypass the authentication process and impersonate other users. This can occur when the server is configured to use TLS or DTLS authentication.

Applies to

  • Mission Control 2.13.1.0 - 2.13.4.x
  • Mission Control 2.12.1.5
  • Mission Control 2.11 GA and SR1
  • Airport Operational Manager (AOM) 1.3 - 1.4
  • Industrial IoT 4.4.2.0 - 5.0.0.2
  • Inter-System Gateway (IS Gateway) 1.0 - 1.1
  • Restricted Security Area (RSA) Surveillance 3.4 - 4.2
  • Sipelia 2.8 SR1, 2.9 GA, and 2.10 GA

Cause

This issue, identified as CVE-2022-37026, originates from a bug in Erlang/OTP, which is used by the RabbitMQ message broker.

Workaround

  • Sipelia: Upgrade Sipelia to version 2.12 GA, available from the GTAP Product Download page.
  • All other affected products: Upgrade RabbitMQ to version 3.9.15.1, available from the GTAP Product Download page.
    IMPORTANT: If you are running Genetec Mission Control™ 2.11 GA or SR1, or 2.12.1.0 - 2.12.1.5, manually restart the Genetec™ Server service after the upgrade.

    The new RabbitMQ installer enforces a strong password policy, which might require updating your password.
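
To confirm after the upgrade that every broker host reports at least the RabbitMQ version named above, the following added example (not Genetec code) compares reported versions numerically against 3.9.15.1. The host names and the inventory format are constructed for illustration, and it assumes the version strings were collected beforehand, for example with `rabbitmqctl version`. It checks only the remediation target from this article and does not test for the vulnerability itself.

```python
import re

# Remediation target taken from the Workaround section of this article.
TARGET = (3, 9, 15, 1)


def parse_version(text):
    """Return a 4-tuple of ints for a dotted version string, or None."""
    m = re.fullmatch(r"\s*(\d+(?:\.\d+){1,3})\s*", text)
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")]
    # Pad short versions so 3.9.15 compares as 3.9.15.0 (below the target).
    return tuple(parts + [0] * (4 - len(parts)))


def audit(inventory):
    """Sort 'host version' lines into below-target, ok and unknown hosts."""
    result = {"below": [], "ok": [], "unknown": []}
    for line in inventory.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, *rest = line.split(None, 1)
        version = parse_version(rest[0] if rest else "")
        if version is None:
            result["unknown"].append(host)   # needs a manual check
        elif version < TARGET:
            result["below"].append(host)     # still needs the upgrade
        else:
            result["ok"].append(host)
    return result


# Constructed sample inventory (hypothetical hosts, one "host version" per line).
SAMPLE = """\
# host        reported RabbitMQ version
mc-dir-01     3.9.15.1
mc-exp-02     3.9.15
iot-gw-03     3.8.9
mc-db-04      3.9.9
aom-srv-05    unreachable
"""

if __name__ == "__main__":
    for status, hosts in audit(SAMPLE).items():
        print(f"{status:8} {', '.join(hosts) or '-'}")
```

A plain string comparison would rank 3.9.9 above 3.9.15.1 and miss that host, which is why the versions are compared as integer tuples.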

Status

This issue will be resolved in the next releases of the affected products.