CVE-2018-14627

The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when SSL transport is required. Servers before this version that are configured with the following setting allow clients to create plaintext connections:
Configurations

Configuration 1

cpe:2.3:a:redhat:wildfly:*:*:*:*:*:*:*:*

Information

Published : 2018-09-04 12:29

Updated : 2019-10-03 12:03


NVD link : CVE-2018-14627

Mitre link : CVE-2018-14627

Products Affected
No products.
CWE
CWE-319

Cleartext Transmission of Sensitive Information