Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:ASB-A-171980069
HistoryFeb 01, 2021 - 12:00 a.m.

Potential vulnerability in Java TLS Hostname Verification

2021-02-0100:00:00
Google
osv.dev
12
java
tls
hostname verification
vulnerability
remote information disclosure
okhostnameverifier
user interaction
software

AI Score

7

Confidence

High

EPSS

0.001

Percentile

37.8%

JSON

In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Related

cvelist 1
cve 1
prion 1
redhatcve 1
nvd 1
redhat 9
ibm 3
nessus 3
ics 1
oracle 1
cvelist
cvelist
CVE-2021-0341
2021-02-10 16:50:15
cve
cve
CVE-2021-0341
2021-02-10 17:15:22
prion
prion
Information disclosure
2021-02-10 17:15:00
redhatcve
redhatcve
CVE-2021-0341
2022-12-15 20:04:50
nvd
nvd
CVE-2021-0341
2021-02-10 17:15:22
redhat
redhat
(RHSA-2023:2723) Moderate: Red Hat Data Grid 8.4.2 security update
2023-05-10 13:40:35
(RHSA-2023:0756) Important: Red Hat JBoss Enterprise Application Platform 7.4.9 XP 4.0.0.GA Security release
2023-02-14 11:39:31
(RHSA-2023:2713) Moderate: Red Hat Single Sign-On 7.6.3 security update
2023-05-10 11:57:32
ibm
ibm
Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java
2024-07-08 20:30:50
Security Bulletin: Common Vulnerabilities in Cloudera Data Platform Private Cloud Base 7.1.9.
2024-05-07 19:59:01
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for July 2024.
2024-08-08 17:17:47
nessus
nessus
RHEL 7 : Red Hat Single Sign-On 7.6.3 security update on RHEL 7 (Moderate) (RHSA-2023:2705)
2023-05-13 00:00:00
RHEL 9 : Red Hat Single Sign-On 7.6.3 security update on RHEL 9 (Moderate) (RHSA-2023:2707)
2023-05-13 00:00:00
RHEL 8 : Red Hat Single Sign-On 7.6.3 security update on RHEL 8 (Moderate) (RHSA-2023:2706)
2023-05-13 00:00:00
ics
ics
Siemens SIMATIC
2024-03-14 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00

AI Score

7

Confidence

High

EPSS

0.001

Percentile

37.8%

JSON
Related for OSV:ASB-A-171980069
cvelist1cve1prion1redhatcve1nvd1redhat9ibm3nessus3ics1oracle1