Описание
The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack.
Ссылки
- ExploitPatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- ExploitPatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ximian:evolution:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ximian:evolution:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ximian:evolution:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ximian:evolution:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ximian:evolution:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ximian:evolution:1.0.8:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00262
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 22 лет назад
The camel component for Ximian Evolution 1.0.x and earlier does not ve ...
github
больше 3 лет назад
The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack.
EPSS
Процентиль: 49%
0.00262
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other