Lucene search

K
nvd[email protected]NVD:CVE-2023-45613
HistoryOct 09, 2023 - 11:15 a.m.

CVE-2023-45613

2023-10-0911:15:11
CWE-295
web.nvd.nist.gov
7
jetbrains ktor
insecure
certificate
verification

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

40.7%

In JetBrains Ktor before 2.3.5 server certificates were not verified

Affected configurations

Nvd
Node
jetbrainsktorRange<2.3.5
VendorProductVersionCPE
jetbrainsktor*cpe:2.3:a:jetbrains:ktor:*:*:*:*:*:*:*:*

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

40.7%

Related for NVD:CVE-2023-45613