|Category:||Web application abuses|
|Title:||Apache Active MQ 5.0.0 - 5.15.5 Missing TLS Hostname Verification (Linux)|
|Summary:||Apache Active MQ is missing its TLS hostname verification.|
Apache Active MQ is missing its TLS hostname verification.
TLS hostname verification when using the Apache ActiveMQ Client was missing
which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server.
This is now enabled by default.
Apache Active MQ 5.0.0 up to and including 5.15.5.
Update to Apache Active MQ 5.15.6 or later.
BugTraq ID: 105335|
Common Vulnerability Exposure (CVE) ID: CVE-2018-11775
|Copyright||Copyright (C) 2018 Greenbone Networks GmbH|
|This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.