GHSA-FFM7-7R8G-77XM Apache CXF JMX Integration is vulnerable to a MITM attack

Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the createMBServerConnectorFactory property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle MITM style attack. An attack...

Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.3 security update

A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Security Bulletin: Apache CXF vulnerability identified in IBM Tivoli Application Dependency Discovery Manager (CVE-2020-1954)

Summary This security bulletin addresses the vulnerability in Open Source Apache CXF that affect IBM Tivoli Application Dependency Discovery Manager. Vulnerability Details CVEID: CVE-2020-1954 DESCRIPTION: Apache CXF is vulnerable to a man-in-the-middle attack, caused by a flaw in JMX Integration...

RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 8 (Moderate) (RHSA-2020:4245)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4245 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

cxf: JMX integration is vulnerable to a MITM attack

Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle MITM style attack. An...

cxf: JMX integration is vulnerable to a MITM attack

Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle MITM style attack. An...

CVE-2020-1954

Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle MITM style attack. An...

CVE-2020-1954

Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle MITM style attack. An...