CVE-2019-11777

2019-09-11T18:15:00
ID CVE-2019-11777
Type cve
Reporter cve@mitre.org
Modified 2019-10-09T23:45:00

Description

In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the result of that verification is not checked. This could allow one MQTT server to impersonate another and provide the client library with incorrect information.