TLS hostname verification when using the Apache ActiveMQ Client prior to 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache activemq |
||
oracle flexcube private banking 2.2.0.1 |
||
oracle enterprise repository 12.1.3.0.0 |
||
oracle flexcube private banking 2.0.0.0 |
||
oracle flexcube private banking 12.0.1.0 |
||
oracle flexcube private banking 12.0.3.0 |
||
oracle flexcube private banking 12.1.0.0 |