CVE-2018-11087 in Pivotal Software and VMware Products
Published on September 14, 2018

TLS validation error

Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.

NVD

Products Associated with CVE-2018-11087

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-11087 are published in these products:

Pivotal Software Rabbitmq

Pivotal Software Spring Advanced Message Queuing Protocol

VMware Rabbitmq Java Client

Affected Versions

Pivotal Spring AMQP:

Version 1.x and below 1.7.10 is affected.
Version 2.x and below 2.0.6 is affected.

Exploit Probability

EPSS

0.52%

Percentile

66.34%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-11087 in Pivotal Software and VMware ProductsPublished on September 14, 2018

Products Associated with CVE-2018-11087

Affected Versions

Exploit Probability

CVE-2018-11087 in Pivotal Software and VMware Products
Published on September 14, 2018