Lucene search

PRIOn knowledge basePRION:CVE-2010-4340

HistorySep 12, 2011 - 12:41 p.m.

Code injection

2011-09-1212:41:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.2%

JSON

libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack.

CPENameOperatorVersion
libcloudeq0.3.1
libcloudeq0.3.0
libcloudle0.4.0
libcloudeq0.2.0

Name	Operator	Version
libcloud	eq	0.3.1
libcloud	eq	0.3.0
libcloud	le	0.4.0
libcloud	eq	0.2.0

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=598463

mail-archives.apache.org/mod_mbox/incubator-libcloud/201009.mbox/%3C5860913.463891285776633273.JavaMail.jira%40thor%3E

mail-archives.apache.org/mod_mbox/incubator-libcloud/201011.mbox/browser

wiki.apache.org/incubator/LibcloudSSL

issues.apache.org/jira/browse/LIBCLOUD-55