CVE-2018-11087

State: PUBLISHED · Published: 2018-09-14 · Updated: 2024-09-17 · Assigner: dell

Description

Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.

CWE

(none)

Affected

Pivotal / Spring AMQP — v=1.x <1.7.10 [affected]; v=2.x <2.0.6 [affected]

CVSS

(none)

References

https://pivotal.io/security/cve-2018-11087 x_refsource_CONFIRM

Source

cvelistV5-main/cves/2018/11xxx/CVE-2018-11087.json