Red Hat Bugzilla – Bug 843669
CVE-2012-3431 Teiid: JDBC socket does not encrypt client login messages by default
Last modified: 2014-10-20 20:03:09 EDT
The Teiid JDBC socket does not encrypt client login messages by default. The documentation and specification states that the socket will be encrypted by default.
This issue was discovered by Steven Hawkins of Red Hat.
This issue has been addressed in following products:
JBoss Enterprise Data Services Platform 5.3.0
Via RHSA-2012:1301 https://rhn.redhat.com/errata/RHSA-2012-1301.html