CVE-2018-11775

activemq: ActiveMQ Client Missing TLS Hostname Verification

Severity Score

7.4

*CVSS v3

Exploit Likelihood

< 1%

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default.

Falta la verificación de nombres de host TLS al emplear Apache ActiveMQ Client en versiones anteriores a la 5.15.6, lo que podría hacer que el cliente sea vulnerable a un ataque Man-in-the-Middle (MitM) entre una aplicación Java que emplea el cliente ActiveMQ y el servidor ActiveMQ. Ahora está habilitado por defecto.

Chess Hazlett discovered that Apache ActiveMQ incorrectly handled certain commands. A remote attacker could possibly use this issue to terminate the program, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. Peter Stoeckli discovered that Apache ActiveMQ incorrectly handled hostname verification. A remote attacker could possibly use this issue to perform a person-in-the-middle attack. This issue only affected Ubuntu 16.04 LTS.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-06-05 CVE Reserved
2018-09-10 CVE Published
2024-09-16 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-295: Improper Certificate Validation

CAPEC

References (17)

URL	Tag	Source
http://www.securityfocus.com/bid/105335	Third Party Advisory
http://www.securitytracker.com/id/1041618	Third Party Advisory
https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1%40%3Cdev.activemq.apa...	Mailing List
https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc%40%3Ccommits.activemq...	Mailing List
https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq...	Mailing List
https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b%40%3Cdev.activemq.apa...	Mailing List
https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d%40%3Ccommits.activem...	Mailing List
https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html	Mailing List
https://www.oracle.com/security-alerts/cpuapr2020.html	X_refsource_misc
https://www.oracle.com/security-alerts/cpujan2021.html	X_refsource_misc

1 - 10 of 11

URL	Date	SRC

URL	Date	SRC
https://www.oracle.com/technetwork/security-advisory/cpuapr20...	2023-11-07
https://www.oracle.com/technetwork/security-advisory/cpujan20...	2023-11-07

1 - 2 of 2

URL	Date	SRC
http://activemq.apache.org/security-advisories.data/CVE-2018-11775...	2023-11-07
https://access.redhat.com/errata/RHSA-2019:3892	2023-11-07
https://access.redhat.com/security/cve/CVE-2018-11775	2019-11-14
https://bugzilla.redhat.com/show_bug.cgi?id=1629083	2019-11-14

1 - 4 of 4

Affected Vendors, Products, and Versions (7)

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Apache Search vendor "Apache"		Activemq Search vendor "Apache" for product "Activemq"				< 5.15.6 Search vendor "Apache" for product "Activemq" and version " < 5.15.6"		-		Affected
Oracle Search vendor "Oracle"		Enterprise Repository Search vendor "Oracle" for product "Enterprise Repository"				12.1.3.0.0 Search vendor "Oracle" for product "Enterprise Repository" and version "12.1.3.0.0"		-		Affected
Oracle Search vendor "Oracle"		Flexcube Private Banking Search vendor "Oracle" for product "Flexcube Private Banking"				2.0.0.0 Search vendor "Oracle" for product "Flexcube Private Banking" and version "2.0.0.0"		-		Affected
Oracle Search vendor "Oracle"		Flexcube Private Banking Search vendor "Oracle" for product "Flexcube Private Banking"				2.2.0.1 Search vendor "Oracle" for product "Flexcube Private Banking" and version "2.2.0.1"		-		Affected
Oracle Search vendor "Oracle"		Flexcube Private Banking Search vendor "Oracle" for product "Flexcube Private Banking"				12.0.1.0 Search vendor "Oracle" for product "Flexcube Private Banking" and version "12.0.1.0"		-		Affected
Oracle Search vendor "Oracle"		Flexcube Private Banking Search vendor "Oracle" for product "Flexcube Private Banking"				12.0.3.0 Search vendor "Oracle" for product "Flexcube Private Banking" and version "12.0.3.0"		-		Affected
Oracle Search vendor "Oracle"		Flexcube Private Banking Search vendor "Oracle" for product "Flexcube Private Banking"				12.1.0.0 Search vendor "Oracle" for product "Flexcube Private Banking" and version "12.1.0.0"		-		Affected

1 - 7 of 7