Lucene search
HistoryApr 09, 2013 - 8:55 p.m.
CVE-2013-0253
cve-2013-0253
apache maven
ssl
security vulnerability
nvd
6.4 Medium
AI Score
Confidence
Low
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
64.9%
The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache:maven | apache maven | eq | 3.0.4 |
Related
debiancve
debiancve
CVE-2013-0253
2013-04-09 20:55:00
veracode
veracode
Man-in-the-middle (MITM) Through SSL Certificate Check Bypass
2014-06-08 00:44:46
Man-in-the-middle (MITM) Through SSL Certificate Check Bypass
2019-01-15 08:51:22
nessus
nessus
RHEL 6 : jenkins (RHSA-2013:0700)
2018-12-06 00:00:00
ubuntucve
ubuntucve
CVE-2013-0253
2013-04-09 00:00:00
redhat
redhat
(RHSA-2013:0700) Moderate: jenkins security update
2013-04-02 00:00:00
securityvulns
securityvulns
Fwd: [SECURITY] CVE-2013-0253 Apache Maven 3.0.4
2013-03-03 00:00:00
prion
prion
Default configuration
2013-04-09 20:55:00
6.4 Medium
AI Score
Confidence
Low
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
64.9%
Related for CVE-2013-0253