Skip to content

RabbitMQ exposed to the internet

Severity: criticalApplies to: Any reachable broker

A RabbitMQ broker reachable from an untrusted network has several distinct ways to go wrong, and they range from bad to very bad. Unlike a database, where the loss is the data, an exposed broker can be a loss of the host — because RabbitMQ runs on the Erlang VM, and Erlang’s clustering is code execution by design.

The management UI. Port 15672 with a weak or default account. If guest still works — which requires loopback_users to have been loosened — or any account has a guessable password, the management API is broker takeover through a browser: read every queue, publish anything, export /api/definitions (which includes password hashes), reconfigure everything.

AMQP with a working credential. Port 5672/5671 plus a known password lets an attacker publish to your exchanges and consume from your queues — injecting work into your systems, or draining and reading the messages flowing between your services. What that’s worth depends on what you send through the broker, and it’s usually more than you’d like.

The Erlang distribution port — the RCE. This is the one that makes RabbitMQ different. Port 25672, reachable, plus a weak or default Erlang cookie, means an attacker connects an Erlang node to yours and runs arbitrary code as the rabbitmq user. Not message theft — a shell. epmd on 4369 is the map that leads there, enumerating your nodes and their distribution ports.

So the severity of an exposed broker depends entirely on what’s exposed and how it’s configured. At best it’s message interception; at worst it’s a host compromise that happens to be running a message broker.

In rough order:

  1. loopback_users = none plus exposed ports — someone lifted the guest restriction to fix a remote client, and now guest/guest works from anywhere with admin rights.
  2. The management UI on 15672, exposed, over plain HTTP — credentials sniffed, or a weak password guessed.
  3. A default or weak Erlang cookie with 25672 reachable — the RCE path, especially on brokers built from images that ship predictable cookies.
  4. A real credential reused or leaked from an application config, working because the broker is reachable and TLS was never required.
  1. Delete guest and check loopback_users — and never set it to none.
  2. Firewall every port — 5672, 15672, and especially 25672 and 4369. Nothing but your nodes should reach the last two.
  3. Fix the Erlang cookie — strong, random, chmod 400, different per cluster.
  4. Require TLS and bind the management UI to loopback.

Steps 1 and 2 stop the bleeding in minutes.