← Back

Jboss Amq Clients 2

jboss_amq_clients_2

Vendor: Redhat • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-0223
2Apache
Redhat
10Enterprise Linux Desktop
Enterprise Linux EusEnterprise Linux Server+7 more
Nov 21, 2024
Apr 23, 2019
N/A· v4
7.4 HIGH· v3
5.8 MEDIUM· v2
While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when conf...Show more
While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0. This means that an undetected man in the middle attack could be constructed if an attacker can arrange to intercept TLS traffic.Show less