What is CVE-2018-14627?

CVE-2018-14627 is a medium-severity vulnerability in [Unknown] Jboss/wildfly, classified under Cleartext Transmission of Sensitive Information. CVSS score: 5.3/10. Published 2018-09-04.

How severe is CVE-2018-14627?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Vulnerability in [Unknown] Jboss/wildfly

CVE-2018-14627

The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when SSL transport is required. Servers before this version that are configured with the following setting allow clients to create plaintext connecti…

EPSS: 0.011 (61.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

[Unknown] Jboss/wildfly — versions 14.0.0
Redhat Wildfly

Weakness classification (CWE)

CWE-319 — Cleartext Transmission of Sensitive Information

References

secalert@redhat.com (x_refsource_CONFIRM, Patch, Third Party Advisory, Issue Tracking)
secalert@redhat.com (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
secalert@redhat.com (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
secalert@redhat.com (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)

Frequently asked questions

What is CVE-2018-14627?: CVE-2018-14627 is a medium-severity vulnerability in [Unknown] Jboss/wildfly, classified under Cleartext Transmission of Sensitive Information. CVSS score: 5.3/10. Published 2018-09-04.
How severe is CVE-2018-14627?: Medium severity. CVSS v3 base score is 5.3 out of 10.