Lucene search
Veracode Vulnerability DatabaseVERACODE:28651HistoryDec 19, 2020 - 7:36 p.m.
Improper Validation Of Certificate
2020-12-1919:36:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.002 Low
EPSS
Percentile
53.5%
rsync is vulnerable to improper validation of certificate. It does not verify the hostname in the server certificate in openssl mode, so a man-in-the-middle attacker with a valid certificate for another hostname could intercept connections.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rsync:sid | eq | 3.2.3-2 | |
| rsync:bullseye | eq | 3.2.3-2 | |
| rsync:edge | eq | 3.2.3-r2 | |
| rsync:edge | eq | 3.2.3-r4 | |
| rsync:edge | eq | 3.1.3-r3 | |
| rsync:edge | eq | 3.2.3-r3 | |
| rsync:edge | eq | 3.2.3-r1 | |
| rsync:edge | eq | 3.2.3-r5 |
Related
prion
prion
Design/Logic Flaw
2021-05-27 20:15:00
nvd
nvd
CVE-2020-14387
2021-05-27 20:15:07
cbl_mariner
cbl_mariner
CVE-2020-14387 affecting package rsync for versions less than 3.2.3-2
2022-04-26 19:57:36
archlinux
archlinux
[ASA-202101-1] rsync: man-in-the-middle
2021-01-04 00:00:00
f5
f5
K84155336 : rsync vulnerability CVE-2020-14387
2022-04-30 00:00:00
ubuntucve
ubuntucve
CVE-2020-14387
2021-05-27 00:00:00
osv
osv
CVE-2020-14387
2021-05-27 20:15:07
cve
cve
CVE-2020-14387
2021-05-27 20:15:07
debiancve
debiancve
CVE-2020-14387
2021-05-27 20:15:07
redhatcve
redhatcve
CVE-2020-14387
2020-09-03 18:48:39
nessus
nessus
Photon OS 4.0: Rsync PHSA-2021-4.0-0046
2021-06-21 00:00:00
GLSA-202405-22 : rsync: Multiple Vulnerabilities
2024-05-08 00:00:00
alpinelinux
alpinelinux
CVE-2020-14387
2021-05-27 20:15:07
cvelist
cvelist
CVE-2020-14387
2021-05-27 19:44:53
photon
photon
Important Photon OS Security Update - PHSA-2021-0046
2021-06-15 00:00:00
Important Photon OS Security Update - PHSA-2021-4.0-0046
2021-06-15 00:00:00
gentoo
gentoo
rsync: Multiple Vulnerabilities
2024-05-08 00:00:00