Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-15134

Опубликовано: 31 июл. 2020
Источник: nvd
CVSS3: 8
CVSS3: 8.7
CVSS2: 6.4
EPSS Низкий

Описание

Faye before version 1.4.0, there is a lack of certification validation in TLS handshakes. Faye uses em-http-request and faye-websocket in the Ruby version of its client. Those libraries both use the EM::Connection#start_tls method in EventMachine to implement the TLS handshake whenever a wss: URL is used for the connection. This method does not implement certificate verification by default, meaning that it does not check that the server presents a valid and trusted TLS certificate for the expected hostname. That means that any https: or wss: connection made using these libraries is vulnerable to a man-in-the-middle attack, since it does not confirm the identity of the server it is connected to. The first request a Faye client makes is always sent via normal HTTP, but later messages may be sent via WebSocket. Therefore it is vulnerable to the same problem that these underlying libraries are, and we needed both libraries to support TLS verification before Faye could claim to do t

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:faye_project:faye:*:*:*:*:*:*:*:*
Версия до 1.4.0 (исключая)

EPSS

Процентиль: 32%
0.00122
Низкий

8 High

CVSS3

8.7 High

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-295
CWE-295

Связанные уязвимости

ubuntu логотип

CVE-2020-15134

CVSS3: 8
ubuntu
больше 5 лет назад

Faye before version 1.4.0, there is a lack of certification validation in TLS handshakes. Faye uses em-http-request and faye-websocket in the Ruby version of its client. Those libraries both use the `EM::Connection#start_tls` method in EventMachine to implement the TLS handshake whenever a `wss:` URL is used for the connection. This method does not implement certificate verification by default, meaning that it does not check that the server presents a valid and trusted TLS certificate for the expected hostname. That means that any `https:` or `wss:` connection made using these libraries is vulnerable to a man-in-the-middle attack, since it does not confirm the identity of the server it is connected to. The first request a Faye client makes is always sent via normal HTTP, but later messages may be sent via WebSocket. Therefore it is vulnerable to the same problem that these underlying libraries are, and we needed both libraries to support TLS verification before Faye could claim to d...

debian логотип

CVE-2020-15134

CVSS3: 8
debian
больше 5 лет назад

Faye before version 1.4.0, there is a lack of certification validation ...

github логотип

GHSA-3q49-h8f9-9fr9

CVSS3: 8
github
больше 5 лет назад

Missing TLS certificate verification

EPSS

Процентиль: 32%
0.00122
Низкий

8 High

CVSS3

8.7 High

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-295
CWE-295