CVE-2013-6418

Опубликовано: 05 мая 2014

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pywbem_project:pywbem:*:*:*:*:*:*:*:*

Версия до 0.7 (включая)

EPSS

Процентиль: 57%

0.00345

Низкий

5.8 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2013-6418

ubuntu

больше 11 лет назад

PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate.

CVE-2013-6418

redhat

около 12 лет назад

PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate.

CVE-2013-6418

msrc

5 месяцев назад

PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate.

CVE-2013-6418

debian

больше 11 лет назад

PyWBEM 0.7 and earlier uses a separate connection to validate X.509 ce ...

GHSA-f9q5-46qg-74x4

CVSS3: 7.5

github

больше 3 лет назад

PyWBEM TOCTOU vulnerability in certificate validation

EPSS

Процентиль: 57%

0.00345

Низкий

5.8 Medium

CVSS2

Дефекты

CWE-20