Описание
A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE) may lead to verification bypass in Red Hat CloudForms 5.x.
Ссылки
- Issue TrackingMitigationThird Party Advisory
- Issue TrackingMitigationThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00142
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-295
CWE-295
Связанные уязвимости
redhat
около 11 лет назад
A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE) may lead to verification bypass in Red Hat CloudForms 5.x.
CVSS3: 9.1
github
больше 3 лет назад
A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE) may lead to verification bypass in Red Hat CloudForms 5.x.
EPSS
Процентиль: 35%
0.00142
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-295
CWE-295