Lucene search
GitHub Advisory DatabaseGHSA-P3XV-97G8-4WMJHistoryMay 17, 2022 - 4:52 a.m.
Python Swift client is vulnerable to Missing SSL Certificate Check
2022-05-1704:52:37
GitHub Advisory Database
github.com
8
python
swift
client
ssl
certificate
vulnerability
openstack
library
man-in-the-middle
attack
sensitive information
crafted certificate
software
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
0.001
Percentile
25.9%
The OpenStack Python client library for Swift (python-swiftclient) from 1.0 before 2.0.2 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Affected configurations
Node
pythonswiftclientRange≤1.9.0
Related
openvas
openvas
Fedora Update for python-swiftclient FEDORA-2014-3054
2014-03-25 00:00:00
Fedora Update for python-swiftclient FEDORA-2014-3054
2014-03-25 00:00:00
prion
prion
Information disclosure
2014-02-18 19:55:00
ubuntucve
ubuntucve
CVE-2013-6396
2014-02-18 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: python-swiftclient-2.0.2-1.fc20
2014-03-21 09:34:23
osv
osv
PYSEC-2014-12
2014-02-18 19:55:00
Python Swift client is vulnerable to Missing SSL Certificate Check
2022-05-17 04:52:37
nessus
nessus
Fedora 20 : python-swiftclient-2.0.2-1.fc20 (2014-3054)
2014-03-22 00:00:00
nvd
nvd
CVE-2013-6396
2014-02-18 19:55:04
debiancve
debiancve
CVE-2013-6396
2014-02-18 19:55:04
cve
cve
CVE-2013-6396
2014-02-18 19:55:04
cvelist
cvelist
CVE-2013-6396
2014-02-18 19:00:00
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
0.001
Percentile
25.9%
Related for GHSA-P3XV-97G8-4WMJ