Lucene search

K
cvelistRedhatCVELIST:CVE-2012-3525
HistoryAug 25, 2012 - 4:00 p.m.

CVE-2012-3525

2012-08-2516:00:00
redhat
www.cve.org

6.2 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.1%

s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response.

6.2 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.1%