6.4 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
64.9%
The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.