vulnerability
Debian: CVE-2018-11775: activemq -- security update
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
6 | (AV:N/AC:M/Au:N/C:P/I:P/A:N) | Sep 10, 2018 | Mar 8, 2021 | Nov 27, 2024 |
Severity
6
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published
Sep 10, 2018
Added
Mar 8, 2021
Modified
Nov 27, 2024
Description
TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default.
Solution
debian-upgrade-activemq

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.