Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-33681

Опубликовано: 23 сент. 2022
Источник: nvd
CVSS3: 5.9
EPSS Низкий

Описание

Delayed TLS hostname verification in the Pulsar Java Client and the Pulsar Proxy make each client vulnerable to a man in the middle attack. Connections from the Pulsar Java Client to the Pulsar Broker/Proxy and connections from the Pulsar Proxy to the Pulsar Broker are vulnerable. Authentication data is sent before verifying the server’s TLS certificate matches the hostname, which means authentication data could be exposed to an attacker. An attacker can only take advantage of this vulnerability by taking control of a machine 'between' the client and the server. The attacker must then actively manipulate traffic to perform the attack by providing the client with a cryptographically valid certificate for an unrelated host. Because the client sends authentication data before performing hostname verification, an attacker could gain access to the client’s authentication data. The client eventually closes the connection when it verifies the hostname and identifies the targeted hostname

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*
Версия до 2.7.5 (исключая)
cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*
Версия от 2.8.0 (включая) до 2.8.4 (исключая)
cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*
Версия от 2.9.0 (включая) до 2.9.3 (исключая)
cpe:2.3:a:apache:pulsar:2.10.0:-:*:*:*:*:*:*

EPSS

Процентиль: 25%
0.00086
Низкий

5.9 Medium

CVSS3

Дефекты

CWE-295
CWE-295

Связанные уязвимости

redhat логотип

CVE-2022-33681

CVSS3: 5.9
redhat
больше 3 лет назад

Delayed TLS hostname verification in the Pulsar Java Client and the Pulsar Proxy make each client vulnerable to a man in the middle attack. Connections from the Pulsar Java Client to the Pulsar Broker/Proxy and connections from the Pulsar Proxy to the Pulsar Broker are vulnerable. Authentication data is sent before verifying the server’s TLS certificate matches the hostname, which means authentication data could be exposed to an attacker. An attacker can only take advantage of this vulnerability by taking control of a machine 'between' the client and the server. The attacker must then actively manipulate traffic to perform the attack by providing the client with a cryptographically valid certificate for an unrelated host. Because the client sends authentication data before performing hostname verification, an attacker could gain access to the client’s authentication data. The client eventually closes the connection when it verifies the hostname and identifies the targeted hostna...

github логотип

GHSA-c5fp-x2h5-vjv7

CVSS3: 5.9
github
больше 3 лет назад

Apache Pulsar Java Client vulnerable to Improper Certificate Validation

EPSS

Процентиль: 25%
0.00086
Низкий

5.9 Medium

CVSS3

Дефекты

CWE-295
CWE-295