Published: 10/09/2018 Updated: 07/11/2023

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.4 | Impact Score: 5.2 | Exploitability Score: 2.2

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

TLS hostname verification when using the Apache ActiveMQ Client prior to 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache activemq
oracle flexcube private banking 2.2.0.1
oracle enterprise repository 12.1.3.0.0
oracle flexcube private banking 2.0.0.0
oracle flexcube private banking 12.0.1.0
oracle flexcube private banking 12.0.3.0
oracle flexcube private banking 12.1.0.0

Synopsis Important: Red Hat Fuse 750 security update Type/Severity Security Advisory: Important Topic A minor version update (from 74 to 75) is now available for Red Hat Fuse The purpose of this text-only errata is to inform you about the security issues fixed in this releaseRed Hat Product Security h ...

Debian Bug report logs - #908950 activemq: CVE-2018-11775: ActiveMQ Client: Missing TLS Hostname Verification Package: src:activemq; Maintainer for src:activemq is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 16 Sep 2018 14:36: ...

TLS hostname verification when using the Apache ActiveMQ Client before 5156 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server This is now enabled by default ...

Multiple vulnerabilities have been found in Hitachi Command Suite CVE-2015-7559, CVE-2018-11775, CVE-2019-0222, CVE-2023-46604 Affected products and versions are listed below Please upgrade your version to the appropriate version ...

Risk Report A Checkmarx SCA coding exercise SCA is the name of our product (Software Composition Analysis) and we provide the users with information on what third party open source packages they use in their code, if these package have any vulnerabilities and how to fix those vulnerabilities This exercise simulates a very basic flow of finding out what vulnerabilities the pac

CWE-295 http://activemq.apache.org/security-advisories.data/CVE-2018-11775-announcement.txt http://www.securitytracker.com/id/1041618 http://www.securityfocus.com/bid/105335 https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://access.redhat.com/errata/RHSA-2019:3892 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2021.html https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc%40%3Ccommits.activemq.apache.org%3E https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b%40%3Cdev.activemq.apache.org%3E https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1%40%3Cdev.activemq.apache.org%3E https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d%40%3Ccommits.activemq.apache.org%3E https://access.redhat.com/errata/RHSA-2019:3892 https://nvd.nist.gov https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-109/index.html

CVE-2018-11775

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect