CVE-2018-14627 – JBoss/WildFly: iiop does not honour strict transport confidentiality

https://notcve.org/view.php?id=CVE-2018-14627

04 Sep 2018 — The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when SSL transport is required. Servers before this version that are configured with the following setting allow clients to create plaintext connections: El subsistema IIOP OpenJDK en WildFly en versiones anteriores a la 14.0.0 no cumple con al configuración cuando se requiere transporte SSL. Los servidores con versiones anteriores a ésta que es... • https://access.redhat.com/errata/RHSA-2018:3527 • CWE-319: Cleartext Transmission of Sensitive Information •