Filtered by vendor Redhat
Subscriptions
Filtered by product Jboss Amq Clients 2
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-0223 | 2 Apache, Redhat | 17 Qpid, A Mq Clients, Cloudforms Managementengine and 14 more | 2024-08-04 | 7.4 High |
| While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0. This means that an undetected man in the middle attack could be constructed if an attacker can arrange to intercept TLS traffic. | ||||
Page 1 of 1.