Lucene search
Redhat.comRH:CVE-2020-14387HistorySep 03, 2020 - 6:48 p.m.
CVE-2020-14387
2020-09-0318:48:39
redhat.com
access.redhat.com
12
0.002 Low
EPSS
Percentile
53.5%
A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with host mismatch vulnerability. A remote, unauthenticated attacker could exploit the flaw by performing a man-in-the-middle attack using a valid certificate for another hostname which could compromise confidentiality and integrity of data transmitted using rsync-ssl. The highest threat from this vulnerability is to data confidentiality and integrity.
Mitigation
This vulnerability can be mitigated by not using rsync-ssl in openssl mode.
Related
prion
prion
Design/Logic Flaw
2021-05-27 20:15:00
nvd
nvd
CVE-2020-14387
2021-05-27 20:15:07
cbl_mariner
cbl_mariner
CVE-2020-14387 affecting package rsync for versions less than 3.2.3-2
2022-04-26 19:57:36
archlinux
archlinux
[ASA-202101-1] rsync: man-in-the-middle
2021-01-04 00:00:00
veracode
veracode
Improper Validation Of Certificate
2020-12-19 19:36:48
f5
f5
K84155336 : rsync vulnerability CVE-2020-14387
2022-04-30 00:00:00
cve
cve
CVE-2020-14387
2021-05-27 20:15:07
ubuntucve
ubuntucve
CVE-2020-14387
2021-05-27 00:00:00
osv
osv
CVE-2020-14387
2021-05-27 20:15:07
debiancve
debiancve
CVE-2020-14387
2021-05-27 20:15:07
nessus
nessus
Photon OS 4.0: Rsync PHSA-2021-4.0-0046
2021-06-21 00:00:00
GLSA-202405-22 : rsync: Multiple Vulnerabilities
2024-05-08 00:00:00
alpinelinux
alpinelinux
CVE-2020-14387
2021-05-27 20:15:07
cvelist
cvelist
CVE-2020-14387
2021-05-27 19:44:53
photon
photon
Important Photon OS Security Update - PHSA-2021-0046
2021-06-15 00:00:00
Important Photon OS Security Update - PHSA-2021-4.0-0046
2021-06-15 00:00:00
gentoo
gentoo
rsync: Multiple Vulnerabilities
2024-05-08 00:00:00