Lucene search

Azure Sdk For Java Security Vulnerabilities

cve

CVE-2018-8119

A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This affects C# SDK, C SDK, Java SDK.

5.6CVSS

5.5AI Score

0.001EPSS

2018-05-09 07:29 PM

cve

CVE-2019-0729

An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'.

9.8CVSS

9.3AI Score

0.003EPSS

2019-03-06 12:00 AM

cve

CVE-2019-0741

An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka 'Azure IoT Java SDK Information Disclosure Vulnerability'.

7.5CVSS

7AI Score

0.005EPSS

2019-03-06 12:00 AM

cve

CVE-2020-16971

Azure SDK for Java Security Feature Bypass Vulnerability

7.4CVSS

7.4AI Score

0.002EPSS

2020-12-10 12:15 AM