Lucene search
+L

5 matches found

nvd
nvd
added 2023/02/16 4:15 p.m.24 views

CVE-2022-27890

It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack wou...

7.4CVSS6.4AI score0.00223EPSS
Exploits0References1
osv
osv
added 2023/02/16 4:15 p.m.17 views

CVE-2022-27890

It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack wou...

7.4CVSS7.2AI score
Exploits0References1
prion
prion
added 2023/02/16 4:15 p.m.35 views

Design/Logic Flaw

It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack wou...

4CVSS7.2AI score0.00223EPSS
Exploits0References1Affected Software1
cve
cve
added 2023/02/16 12:0 a.m.47 views

CVE-2022-27890

CVE-2022-27890 concerns the sls-logging component, where hostname verification in TLS certificates was compromised by a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious actor in a privileged network position could abuse this to perform a man-in-the-middle attack, allowing interceptio...

7.4CVSS7.2AI score0.00223EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/02/16 12:0 a.m.30 views

CVE-2022-27890

It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack wou...

6.3CVSS7.4AI score0.00223EPSS
Exploits0References1
Rows per page
Query Builder