CVE-2018-11087
N/A
N/A
Summary
Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Pivotal | Spring AMQP | 1.x < 1.7.10 | affected |
| Pivotal | Spring AMQP | 2.x < 2.0.6 | affected |
Weaknesses
- TLS validation error
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.