AMQP (RabbitMQ) Cleartext Authentication

P.Cookson · June 25, 2019, 8:55am

Hi all

Our Nessus security vulnerability scanner reports the following vulnerability since installing RabbitMQ as part of the AWX setup:

“AMQP Cleartext Authentication - The remote Advanced Message Queuing Protocol (AMQP) service supports one or more authentication mechanisms that allow credentials to be sent in the clear”

I’m wondering why this would be an issue if AWX and RabbitMQ are only communicating “internally,” on the same machine, but has anyone else encountered this and know what the solution is?

Environment Details:

AWX 4.0.0
Ansible 2.8.0
RabbitMQ 3.7.15
OS RHEL 7.6

Regards
Phil

Topic		Replies	Views
Where to add RabbitMQ certificates in Execution environment for authentication Ansible Project awx , ee	0	0	February 21, 2024
SSH ProxyCommand on AWX without writing SSH key in plain text to awx_task container? AWX Project awx	2	2	February 18, 2019
Upcoming Architectural Changes to the AWX Project AWX Project awx	0	3	March 17, 2020
ssh connectivity issue AWX 2.1.0 AWX Project awx	7	4	December 4, 2018
AWX still use RabbitMq still ? AWX Project awx	2	2	December 1, 2020

AMQP (RabbitMQ) Cleartext Authentication

Related topics