CVE-2018-11775 vulnerability in Apache and Other Products
Published on September 10, 2018

TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default.

Vendor Advisory NVD

Products Associated with CVE-2018-11775

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-11775 are published in these products:

Apache ActiveMQ

Oracle Enterprise Repository

Oracle Flexcube Private Banking

Canonical Ubuntu Linux

Affected Versions

Apache Software Foundation Apache ActiveMQ Version 5.0.0 - 5.15.5 is affected by CVE-2018-11775

Exploit Probability

EPSS

0.49%

Percentile

65.15%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-11775 vulnerability in Apache and Other ProductsPublished on September 10, 2018

Products Associated with CVE-2018-11775

Affected Versions

Exploit Probability

CVE-2018-11775 vulnerability in Apache and Other Products
Published on September 10, 2018