vulnerability

Ubuntu: USN-6910-1 (CVE-2018-11775): Apache ActiveMQ vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:M/Au:N/C:P/I:P/A:N)	09/10/2018	07/24/2024	11/27/2024

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:N)

Published

09/10/2018

Added

07/24/2024

Modified

11/27/2024

Description

TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default.

Solution(s)

ubuntu-pro-upgrade-activemqubuntu-pro-upgrade-libactivemq-java

References

CVE-2018-11775
https://attackerkb.com/topics/CVE-2018-11775
UBUNTU-USN-6910-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today