MEDIUM 4.4

CVE-2026-41701: Spring AMQP Predictable Correlation ID Vulnerability

Spring AMQP's RabbitTemplate.sendAndReceive() method uses predictable correlation IDs when configured with a fixed reply queue. An attacker with elevated privileges and network access could potentially intercept or manipulate message correlations because the IDs follow a simple counter pattern rather than being cryptographically random. This affects multiple versions across four release branches of Spring AMQP.

Source data · NVD / CISA · public domain

CVSS
3.1 · 4.4 MEDIUM · CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Weaknesses (CWE)
CWE-330
Affected products
0 configuration(s)
Published / Modified
2026-06-10 / 2026-06-23

NVD description (verbatim)

Correlation IDs for replies in the RabbitTemplate.sendAndReceive() with the fixed reply queue are predictable due to internal simple counter. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17.

1 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

The vulnerability resides in Spring AMQP's message correlation mechanism for request-reply patterns using RabbitTemplate.sendAndReceive() with a fixed reply queue. The correlation IDs are generated using a basic counter instead of a secure random source, making them predictable. An attacker positioned on the network and possessing administrative credentials could exploit this weak randomness to correlate outbound requests with incoming replies, potentially mapping application message flows or injecting responses into unintended message handlers. The issue is rooted in CWE-330 (Use of Insufficiently Random Values).

Business impact

If your application relies on Spring AMQP's request-reply messaging for sensitive operations—such as configuration updates, financial transactions, or authentication flows—predictable correlation IDs could enable message hijacking or response injection attacks. The impact depends on message sensitivity and the network isolation of your RabbitMQ infrastructure. Applications using Spring AMQP for internal, trusted communication on isolated networks face lower risk than those exposed to untrusted networks. An attacker would need valid RabbitMQ credentials and network access, but if those are compromised, the weak correlation mechanism becomes an additional vector for data integrity and confidentiality violations.

Affected systems

Spring AMQP versions 2.4.0–2.4.17, 3.1.0–3.1.15, 3.2.0–3.2.10, and 4.0.0–4.0.3 are affected. All versions post-2.4.0 through the latest 4.0.x release require assessment. If your application directly uses RabbitTemplate.sendAndReceive() with a fixed reply queue configuration, you are in scope. Applications using fire-and-forget patterns or third-party AMQP frameworks are unaffected.

Exploitability

The CVSS 4.4 MEDIUM rating reflects that exploitation requires high privilege (PR:H) and high attack complexity (AC:H), though network accessibility (AV:N) is possible. An attacker must have valid broker credentials and the ability to eavesdrop or actively participate on the message queue. Exploitation does not require user interaction. The impact is limited to partial confidentiality and integrity loss with no availability impact. This is not an unauthenticated, remotely trivial attack; however, it does extend the attack surface for adversaries who have already gained broker access.

Remediation

Upgrade Spring AMQP to patched versions. Verify the availability of security releases addressing this issue—check the official Spring Security Advisories and Maven Central for version numbers that resolve CWE-330. In the interim, isolate RabbitMQ infrastructure to trusted networks only, enforce strong authentication, and monitor for unusual message correlation patterns. Consider rotating broker credentials and reviewing access logs for unauthorized connection attempts. For applications where the fixed reply queue pattern is not essential, switching to dynamically generated reply queues may reduce exposure.

Patch guidance

Monitor the Spring AMQP GitHub releases and Maven Central for patched versions beyond 4.0.3, 3.2.10, 3.1.15, and 2.4.17. The Spring Security team typically announces patches through the Spring Security Advisories page (spring.io/security). Verify patch availability before scheduling upgrades. Test patched versions in a staging environment, paying particular attention to request-reply message flows, to ensure no regression in message handling or performance. Plan upgrades in coordination with your RabbitMQ and application deployment schedules.

Detection guidance

Monitor RabbitMQ logs and Spring AMQP application logs for correlations that appear sequential or predictable. Use network intrusion detection tools to flag patterns of repeated correlation ID sequences. Implement correlation ID validation at the application layer: log all sendAndReceive() invocations with their correlation IDs and response mappings, then analyze for anomalous patterns. If possible, enable RabbitMQ management plugin metrics to track correlation ID reuse or collision rates. Enable audit logging on RabbitMQ broker-level authentication and authorization to detect credential abuse.

Why prioritize this

Prioritize this patch as MEDIUM-HIGH for applications that (1) use Spring AMQP's request-reply messaging for business-critical operations, (2) operate in environments where RabbitMQ is exposed to untrusted networks or where credential compromise is credible, or (3) handle sensitive data through message exchanges. Organizations with defense-in-depth controls—such as network segmentation, strong credentials, and message encryption—may deprioritize relative to unprotected deployments. The lack of public exploit code and KEV designation does not diminish the need to patch; it reflects that this is an integrity/confidentiality risk rather than an active exploitation threat.

Risk score, explained

The CVSS 4.4 score appropriately reflects the attack complexity (high) and privilege requirements (high) that limit real-world exploitation. However, the scope (changed) and dual impact on confidentiality and integrity elevate it beyond a trivial issue. Organizations should not interpret MEDIUM as low priority: if an attacker gains broker credentials or network position, this vulnerability becomes a direct enabler of message tampering. Internal threat models that assume RabbitMQ is hardened should still account for insider threats and supply-chain compromises.

Frequently asked questions

Do we need to upgrade if RabbitMQ is only accessible on our private network and we use strong authentication?

Network isolation and strong credentials reduce—but do not eliminate—risk. Insider threats, compromised applications, or supply-chain attacks could still exploit weak correlation IDs. Upgrade to patched versions; the risk is non-zero and patches are the proper control.

Does this affect Spring Cloud Bus or other Spring Cloud AMQP-based libraries?

Any library or application that depends on Spring AMQP and uses RabbitTemplate.sendAndReceive() is potentially affected. Check your dependency tree and consult the relevant library's security advisories to determine if downstream consumers inherit the vulnerability.

Can we work around this vulnerability without upgrading?

Workarounds are limited. Avoid the fixed reply queue pattern where possible; use dynamically generated reply queues if your application design permits. Encrypt messages end-to-end and validate correlation IDs application-side. However, these mitigations are not substitutes for patching; they reduce surface area but do not eliminate the underlying randomness flaw.

What does the CVSS PR:H (high privilege) requirement mean in practice?

It means the attacker needs valid RabbitMQ user credentials with publish/consume permissions on the queues in question. If your RabbitMQ deployment uses default or weak credentials, or if credentials are shared widely, this requirement is less of a barrier than the CVSS suggests.

This analysis is based on CVE-2026-41701 as of the published date. Patch availability, affected software scope, and remediation timelines may change as vendors release updates and advisories. Verify patch status and version numbers against official vendor sources before deploying updates. This document does not constitute security advice tailored to your specific infrastructure; consult your internal security team and conduct threat modeling specific to your environment. No exploit code or weaponized proof-of-concept is provided; responsible disclosure principles apply. Source: NVD (public-domain), retrieved 2026-07-19. Analysis generated by SEC.co (claude-haiku-4-5).