RSS   Vulnerabilities for 'Couchbase server java sdk'   RSS

2020-06-08
 
CVE-2020-9040

CWE-295
 

 
Couchbase Server Java SDK before 2.7.1.1 allows a potential attacker to forge an SSL certificate and pose as the intended peer. An attacker can leverage this flaw by crafting a cryptographically valid certificate that will be accepted by Java SDK's Netty component due to missing hostname verification.

 

 >>> Vendor: Couchbase 6 Products
Server
Sync gateway
Couchbase server
Couchbase server java sdk
Cloud native operator
Bleve


Copyright 2024, cxsecurity.com

 

Back to Top