exploitDog

CVE-2014-0041

Опубликовано: 09 янв. 2014

Источник: redhat

CVSS2: 2.6

EPSS Низкий

Описание

OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets sslverify to false for certain Yum repositories, which disables SSL protection and allows man-in-the-middle attackers to prevent updates via unspecified vectors.

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-295

https://bugzilla.redhat.com/show_bug.cgi?id=1059515openstack-heat-templates: use of HTTPS url and sslverify=false

EPSS

Процентиль: 57%

0.00357

Низкий

2.6 Low

CVSS2

Связанные уязвимости

CVE-2014-0041

nvd

больше 11 лет назад

OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets sslverify to false for certain Yum repositories, which disables SSL protection and allows man-in-the-middle attackers to prevent updates via unspecified vectors.

GHSA-c74h-cqh6-v99x

github

больше 3 лет назад

OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets sslverify to false for certain Yum repositories, which disables SSL protection and allows man-in-the-middle attackers to prevent updates via unspecified vectors.

EPSS

Процентиль: 57%

0.00357

Низкий

2.6 Low

CVSS2