#VU14741 Improper validation of certificate with host mismatch in ActiveMQ - CVE-2018-11775

Cybersecurity Help s.r.o.

Published: 2018-09-11

Vulnerability identifier: #VU14741

Vulnerability risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-11775

CWE-ID: CWE-297

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
ActiveMQ
Server applications / Mail servers

Vendor: Apache Foundation

Description

The vulnerability allows a remote attacker to perform a MitM attack.

The vulnerability exists due to the Apache ActiveMQ Client does not validate hostname when using SSL/TLS protocol to connect to the Apache ActiveMQ server. A remote attacker can perform a Man-in-the-Middle (MitM) attack and intercept all traffic between Java client and ActiveMQ server.

Mitigation
Update to version5.5.16.

Vulnerable software versions

ActiveMQ: 5.15.0 - 5.15.5

External links
https://activemq.apache.org/security-advisories.data/CVE-2018-11775-announcement.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Ubuntu update for activemq

Multiple vulnerabilities in IBM Cognos Command Center

Multiple vulnerabilities in Red Hat Fuse

MitM attack in Apache ActiveMQ Client