Critical severity9.8NVD Advisory· Published Jul 4, 2017· Updated Jun 17, 2026
CVE-2017-10807
CVE-2017-10807
Description
JabberD 2.x (aka jabberd2) before 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.xml option is not enabled.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
32- osv-coords30 versionspkg:rpm/suse/cobbler&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/jabberd&distro=SUSE%20Manager%20Proxy%203.0pkg:rpm/suse/jabberd&distro=SUSE%20Manager%20Proxy%203.1pkg:rpm/suse/jabberd&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/jabberd&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/osad&distro=SUSE%20Manager%20Proxy%203.1pkg:rpm/suse/osad&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/rhnpush&distro=SUSE%20Manager%20Proxy%203.1pkg:rpm/suse/rhnpush&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/salt-netapi-client&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/smdba&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Proxy%203.1pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-branding&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Proxy%203.1pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-proxy&distro=SUSE%20Manager%20Proxy%203.1pkg:rpm/suse/spacewalksd&distro=SUSE%20Manager%20Proxy%203.1pkg:rpm/suse/spacewalk-search&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-utils&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Proxy%203.1pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Manager%20Proxy%203.1pkg:rpm/suse/susemanager&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/susemanager-docs_en&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/susemanager-schema&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/susemanager-sync-data&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/zypp-plugin-spacewalk&distro=SUSE%20Manager%20Proxy%203.1
< 2.6.6-5.3.1+ 29 more
- (no CPE)range: < 2.6.6-5.3.1
- (no CPE)range: < 2.6.1-4.6.1
- (no CPE)range: < 2.6.1-3.3.1
- (no CPE)range: < 2.6.1-4.6.1
- (no CPE)range: < 2.6.1-3.3.1
- (no CPE)range: < 5.11.80.3-2.3.1
- (no CPE)range: < 5.11.80.3-2.3.1
- (no CPE)range: < 5.5.104.3-2.3.2
- (no CPE)range: < 5.5.104.3-2.3.2
- (no CPE)range: < 0.12.0-3.3.1
- (no CPE)range: < 1.5.8-0.2.3.1
- (no CPE)range: < 2.7.8.6-2.3.1
- (no CPE)range: < 2.7.73.7-2.3.1
- (no CPE)range: < 2.7.73.7-2.3.1
- (no CPE)range: < 2.7.2.7-2.3.1
- (no CPE)range: < 2.7.0.7-2.3.1
- (no CPE)range: < 2.7.0.7-2.3.1
- (no CPE)range: < 2.7.46.5-2.3.1
- (no CPE)range: < 2.7.1.4-2.3.1
- (no CPE)range: < 5.0.26.3-2.3.1
- (no CPE)range: < 2.7.3.2-2.3.4
- (no CPE)range: < 2.7.10.5-2.3.1
- (no CPE)range: < 2.7.1.10-2.3.1
- (no CPE)range: < 2.7.1.10-2.3.1
- (no CPE)range: < 3.1.2-2.3.1
- (no CPE)range: < 3.1.8-2.3.1
- (no CPE)range: < 3-10.3.1
- (no CPE)range: < 3.1.9-2.3.1
- (no CPE)range: < 3.1.6-2.3.1
- (no CPE)range: < 0.9.16-2.3.1
Patches
Vulnerability mechanics
References
5- www.securityfocus.com/bid/99511nvdThird Party AdvisoryVDB Entry
- bugs.debian.org/867032nvdThird Party Advisory
- github.com/jabberd2/jabberd2/commit/8416ae54ecefa670534f27a31db71d048b9c7f16nvdThird Party Advisory
- github.com/jabberd2/jabberd2/releases/tag/jabberd-2.6.1nvdThird Party Advisory
- www.debian.org/security/2017/dsa-3902nvd
News mentions
0No linked articles in our index yet.