exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2014-7144

больше 11 лет назад

OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate.

CVSS2: 4.3

EPSS: Низкий

CVE-2014-7144

больше 11 лет назад

OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate.

CVSS2: 4.3

EPSS: Низкий

CVE-2014-7144

больше 11 лет назад

OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate.

CVSS2: 4.3

EPSS: Низкий

CVE-2014-7144

больше 11 лет назад

OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x befo ...

CVSS2: 4.3

EPSS: Низкий

GHSA-7f2c-vp52-gmfw

больше 3 лет назад

OpenStack keystonemiddleware does not verify certificate

CVSS3: 5.9

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2014-7144 OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate.	CVSS2: 4.3	0% Низкий	больше 11 лет назад
CVE-2014-7144 OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate.	CVSS2: 4.3	0% Низкий	больше 11 лет назад
CVE-2014-7144 OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate.	CVSS2: 4.3	0% Низкий	больше 11 лет назад
CVE-2014-7144 OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x befo ...	CVSS2: 4.3	0% Низкий	больше 11 лет назад
GHSA-7f2c-vp52-gmfw OpenStack keystonemiddleware does not verify certificate	CVSS3: 5.9	0% Низкий	больше 3 лет назад

Уязвимостей на страницу