Описание
The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM) attack.
The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM) attack.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-3533
- https://bugzilla.redhat.com/show_bug.cgi?id=851672
- https://exchange.xforce.ibmcloud.com/vulnerabilities/77984
- http://gerrit.ovirt.org/#/c/7209
- http://gerrit.ovirt.org/#/c/7249
- http://secunia.com/advisories/50409
- http://www.openwall.com/lists/oss-security/2012/08/24/6
- http://www.openwall.com/lists/oss-security/2012/08/26/1
- http://www.securityfocus.com/bid/55208
EPSS
Процентиль: 52%
0.00294
Низкий
CVE ID
Связанные уязвимости
nvd
больше 13 лет назад
The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM) attack.
EPSS
Процентиль: 52%
0.00294
Низкий